Date: Thu, 6 Dec 2001 10:08:39 -0500 From: "alexus" <ml@db.nexgen.com> To: "Crist J . Clark" <cjc@FreeBSD.ORG> Cc: <freebsd-security@FreeBSD.ORG> Subject: Re: identd inside of jail Message-ID: <00dd01c17e67$e31c0480$0d00a8c0@alexus> References: <000901c17de6$c6a49730$0d00a8c0@alexus> <20011206003719.S3061@blossom.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help
well .. can you suggest somethin here? ----- Original Message ----- From: "Crist J . Clark" <cjc@FreeBSD.ORG> To: "alexus" <ml@db.nexgen.com> Cc: <freebsd-security@FreeBSD.ORG> Sent: Thursday, December 06, 2001 3:37 AM Subject: Re: identd inside of jail > On Wed, Dec 05, 2001 at 06:44:26PM -0500, alexus wrote: > > Hello > > > > I'm posting on this thread on this list due to jail itself is a security > > related issue, if this is wrong list i'll repost it on another list. > > > > did anyone sucseed on making identd (from inetd) or any other identd to work > > inside of jail? > > I don't think the auth service in inetd(8) will work in a jail. I > believe the "net.inet.tcp.getcred" sysctl(3) fails. > > > the identd itself is working, however to make it work for outside world too > > i put forward for port 113 using natd > > > > su-2.05# grep 113 /etc/natd.conf > > redirect_port tcp jail:113 113 > > And running it through a NATing gateway opens up a whole bunch of other > issues that have nothing to do with jail(8). > -- > "It's always funny until someone gets hurt. Then it's hilarious." > > Crist J. Clark | cjclark@alum.mit.edu > | cjclark@jhu.edu > http://people.freebsd.org/~cjc/ | cjc@freebsd.org > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00dd01c17e67$e31c0480$0d00a8c0>