Date: Fri, 19 Jul 2013 08:34:45 +0200 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: "Julian H. Stacey" <jhs@berklix.com> Cc: freebsd-security@freebsd.org, freebsd-jail@freebsd.org, np@bsn.com Subject: Re: /dev/pts/0 in a jail shows no one is observing from outer prison. Message-ID: <86d2qfdpmi.fsf@nine.des.no> In-Reply-To: <201307181308.r6ID8eGI023276@fire.js.berklix.net> (Julian H. Stacey's message of "Thu, 18 Jul 2013 15:08:40 %2B0200") References: <201307181308.r6ID8eGI023276@fire.js.berklix.net>
next in thread | previous in thread | raw e-mail | index | archive | help
"Julian H. Stacey" <jhs@berklix.com> writes: > A ssh to a jail followed by Who, if it shows just pts/0, shows > no one else is logged in { within jail And Also Outer Prison > [And presumably also other parallel jails] }. Not really, it just shows that pts/0 was available. Like file descriptors, pseudo-ttys are allocated on a first-unused basis. There could be twenty people logged in; if the first logs out, the twenty-first gets pts/0. Also, please read the warning at the start of the jail chapter in the FreeBSD handbook. I should probably update it to note that there are many ways in which information can leak between jails and the host. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86d2qfdpmi.fsf>