Message-ID: <3ADC4DCB.9167BFBB@nisser.com>
Date: Tue, 17 Apr 2001 16:06:03 +0200
From: Roelof Osinga
Organization: Nisser - Nr. 1 in Veiligheid
To: FreeBSD
Cc: Odhiambo Washington, FBSD-Q
Subject: Re: Starting JAIL
References: <20010416154914.H79383-100000@Amber.XtremeDev.com>

FreeBSD wrote:
>
> ...
> I'm curious as to how a user can break out of a FreeBSD chroot. According
> to http://docs.freebsd.org/44doc/papers/jail/jail-6.html#section8, three
> classes of chroot attacks were countered in FreeBSD. Are there other
> ways to break out of chroot than those mentioned?

None that I know, but that ain't saying much. But do consider the
amount of tedious, even manual, labour that went into it. Structured
code walkthroughs aren't the world's most exciting tasks. Except when
you're a cracker looking for a hole in the wall, of course.

Also, the jail code went live not so long ago. It's still early
days. For production systems I think it's courting trouble (providing
shell access, that is). It's truly a great and exciting step
forward... very promising.

Roelof