Date: Tue, 11 Jan 2005 23:05:43 +0100 From: "Poul-Henning Kamp" <phk@phk.freebsd.dk> To: Micah <micah@micah.ws> Cc: freebsd-security@freebsd.org Subject: Re: Possible security issue with jails Message-ID: <24203.1105481143@critter.freebsd.dk> In-Reply-To: Your message of "Tue, 11 Jan 2005 22:10:55 GMT." <20050111221055.GD68350@micah.tamu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <20050111221055.GD68350@micah.tamu.edu>, Micah writes: >Howdy! > >I'm not sure if this is actually an issue, feature or a bug, but I have found >that inside a jail, the jailed root user is able to sniff traffic (and enable >promiscuous mode) on at least the interface of the IP address the jail is attached >to. Only if you leave bpf devices in the devfs mounted on the jail. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?24203.1105481143>