From: "Jas arlerr"
To: joerg@britannica.bec.de, freebsd-hackers@freebsd.org
Date: Fri, 22 Apr 2005 14:22:28 +0000
Subject: Re: Configuration differences for jails
List-Id: Technical Discussions relating to FreeBSD

>From: Joerg Sonnenberger
>To: freebsd-hackers@freebsd.org
>Subject: Re: Configuration differences for jails
>Date: Thu, 21 Apr 2005 13:43:59 +0200
>
>On Thu, Apr 21, 2005 at 07:39:08AM -0400, c0ldbyte wrote:
> > Now if that last question is correct and that's the process you are using
> > to create a jail then depending on the situation wouldn't that in turn
> > defeat some of the main purposes of the jail, like the following. If you
> > mounted your "/bin" on "/mnt/jail/bin" then if a person that was looking
> > to break in and affect the system that is currently locked in the "jail"
> > all he would have to do is just write something to the "jail/bin" which is
> > actually your root "/bin" and then the next time a binary is used from your
> > root directories it could still infect the rest of the system ultimately
> > defeating the purpose of what you just set up. To my understanding and use
> > a jail is somewhat totally independent of the OS that it resides in and
> > won't be if you are using nullfs to mount root binary directories on it.
>
>ro mount as written by grandparent protects against this.
>

I am not very familiar with mount_nullfs, but I think it is _one_ copy with
_multiple_ references (FIXME). So if we modify something in one jail, the same
effect will also be imposed on other jails, even the real machine. Due to this
problem, read-only mounts may be a good choice.

BUT if we do some things related to the /etc files, such as passwd, ro mounts
cannot deal with this situation because different jails need different passwd
files for private users. So I think this can only be done by making a copy of
the relevant files, not by ro mounts.

Any idea?

regards
Jas
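
Added example, not part of the original message: a shell check for the two conditions discussed above, nullfs mounts into a jail that are not read-only and an /etc that is shared rather than copied per jail. It assumes mount(8) prints lines of the form "src on target (fstype, options)"; the function names, the finding labels and the sample mount table are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit nullfs mounts below a jail root.
# Input (stdin): mount(8)-style lines, "<src> on <target> (<fstype>, <opt>, ...)".
# Output, one finding per line:
#   WRITABLE   nullfs mount without read-only, so the jail can modify host files
#   SHARED-ETC /etc is a nullfs mount, so passwd and friends are not per-jail
audit_jail_nullfs() {
    jailroot=${1%/}
    awk -v root="$jailroot" '
    {
        i = index($0, " on "); j = index($0, " (")
        if (i == 0 || j <= i) next               # not a mount line
        src  = substr($0, 1, i - 1)
        dst  = substr($0, i + 4, j - i - 4)
        opts = substr($0, j + 2); sub(/\)[ \t]*$/, "", opts)
        if (index(dst, root "/") != 1) next      # only targets below the jail root
        n = split(opts, o, /, */)
        if (o[1] != "nullfs") next               # first field is the fs type
        ro = 0
        for (k = 2; k <= n; k++) if (o[k] == "read-only") ro = 1
        if (!ro) print "WRITABLE " src " -> " dst
        if (dst == root "/etc") print "SHARED-ETC " src " -> " dst
    }'
}

# Constructed sample mount table (not taken from a real host).
sample_mounts() {
    cat <<'EOF'
/dev/ad0s1a on / (ufs, local)
devfs on /dev (devfs, local)
/bin on /mnt/jail/bin (nullfs, local, read-only)
/sbin on /mnt/jail/sbin (nullfs, local)
/etc on /mnt/jail/etc (nullfs, local, read-only)
/usr on /mnt/jail2/usr (nullfs, local, read-only)
EOF
}

# On a live host: mount | audit_jail_nullfs /mnt/jail
sample_mounts | audit_jail_nullfs /mnt/jail
```

A WRITABLE finding is the case c0ldbyte describes; a SHARED-ETC finding means the jail's /etc should be replaced by a private copy.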