Date: Tue, 20 May 2003 12:17:10 +0100 From: lemon <lemon@aldigital.co.uk> To: freebsd-questions@freebsd.org Subject: jail manipulation of routing table Message-ID: <3ECA0EB6.3020500@aldigital.co.uk>
next in thread | raw e-mail | index | archive | help
hi,
i'm puzzled about a jail'd root user's ability to manipulate the host's
routing table - i was under the impression that this shouldn't be
allowed [0].
the scary bit is the jail'd root can drop the host's default route.
should this be the case? have i missed some sysctl knob?
maybe i need to patch kern/uipc_socket.c's socreate to be less
permissive with the unixiproute_only sysctl (rendering it a misnomer,
perhaps another sysctl altogether would be better).
jail# route add -host 1.2.3.4 5.6.7.8
add host 1.2.3.4: gateway 5.6.7.8
host$ netstat -nr | grep 1.2.3.4
1.2.3.4 5.6.7.8 UGHS 0 0 rl0
host$ sysctl -a | grep jail
jail.set_hostname_allowed: 0
jail.socket_unixiproute_only: 1
jail.sysvipc_allowed: 0
host$ uname -a
FreeBSD 4.8-STABLE FreeBSD 4.8-STABLE #5: Sun May 18 23:04:37 BST 2003
root@pith.lemonia.org:/usr/obj/usr/src/sys/pith i386
regards, l.
[0] <http://docs.freebsd.org/44doc/papers/jail/jail.html>;
--
lemon@aldigital.co.uk +44 020 8742 0755 http://www.aldigital.co.uk/
system administrivia c6 h8 o7 http://www.thebunker.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3ECA0EB6.3020500>