Date: Thu, 10 Dec 2009 09:44:37 +0000 (GMT) From: Robert Watson <rwatson@FreeBSD.org> To: Linda Messerschmidt <linda.messerschmidt@gmail.com> Cc: freebsd-hackers@freebsd.org, Ivan Voras <ivoras@freebsd.org> Subject: Re: UNIX domain sockets on nullfs still broken? Message-ID: <alpine.BSF.2.00.0912100943450.23303@fledge.watson.org> In-Reply-To: <237c27100912010722g2f6c4647ga82370284bc26e20@mail.gmail.com> References: <20091130142950.GA86528@logik.internal.network> <hf0lle$5mk$1@ger.gmane.org> <20091130150127.GA82188@logik.internal.network> <hf0ngp$cpb$1@ger.gmane.org> <237c27100912010722g2f6c4647ga82370284bc26e20@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 1 Dec 2009, Linda Messerschmidt wrote: > On Mon, Nov 30, 2009 at 10:14 AM, Ivan Voras <ivoras@freebsd.org> wrote: >>> What's the sane solution, then, when the only method of communication >>> is unix domain sockets? >> >> It is a security problem. I think the long-term solution would be to add a >> sysctl analogous to security.jail.param.securelevel to handle this. > > Out of curiosity, why is allowing accessing to a Unix domain socket in a > filesystem to which a jail has explicitly been allowed access more or less > secure than allowing access to a file or a devfs node in a filesystem to > which a jail has explicitly been allowed access? (I seem to have caught this thread rather late in the game due to being on travel) -- Ivan is wrong about nullfs, it's broken due to a bug, not a feature, and that bug is not present when using a single file system. He's thinking of unionfs semantics, where if it worked it would be a bug. :-) Robert N M Watson Computer Laboratory University of Cambridge
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.0912100943450.23303>