From: James Gritton <jamie@gritton.org>
Date: Wed, 18 Jun 2008 15:02:35 -0600
To: freebsd-virtualization@freebsd.org
Subject: Re: V_* meta-symbols and locking

Marko Zec wrote:
>>> The only thing I'd like to have
>>> as an option is to be able to spawn a new process in the target VM
>>> _without_ making it chrooted...
>>
>> If you mean creating a jail that's not chrooted, that's no problem.
>> If you mean creating a jail that *is* chrooted, and then placing a
>> process into that jail without chrooting it, that would be a breakage
>> of the jail paradigm. Hopefully you mean the former?
>
> No, I want the latter, as an option. Given that the parent environment /
> jail completely controls the child anyhow, I don't think such an
> (optional) behavior would be too big a security issue.

One thing you could do is keep a file descriptor open to the real root
directory, and call jail_attach(). As long as the system is in its default
state of chroot_allow_open_directories == 1, you can then fchdir() or
openat() from the saved descriptor. That could easily be made an option
to jexec(8).

- Jamie
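The descriptor-saving trick Jamie describes, written out as an added example in C. This is not code from the thread, from jexec(8) or from the FreeBSD tree; the steps are: open "/" before attaching, call jail_attach(2), then reach the host filesystem through the saved descriptor with openat(2) or fchdir(2). It assumes a FreeBSD host, root privilege and an existing jail id given on the command line; on other systems jail_attach(2) is replaced by a stub that fails with ENOSYS so the descriptor handling can still be exercised.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#ifdef __FreeBSD__
#include <sys/param.h>
#include <sys/jail.h>
#else
/* Assumption for portability: non-FreeBSD hosts have no jail_attach(2).
 * This stub fails with ENOSYS so the rest of the example still runs. */
static int jail_attach(int jid)
{
    (void)jid;
    errno = ENOSYS;
    return -1;
}
#endif

/* Step 1: before entering the jail, take a descriptor on the real root.
 * jail_attach(2) changes the process's root and cwd but closes nothing,
 * so this descriptor stays usable afterwards. */
int save_root_dir(void)
{
    return open("/", O_RDONLY | O_DIRECTORY);
}

/* Step 2: enter the jail. Needs root privilege and a valid jid. */
int enter_jail(int jid)
{
    return jail_attach(jid);
}

/* Step 3a: open a host path relative to the saved descriptor. The path must
 * be relative: a leading '/' would be resolved against the process's (now
 * jailed) root, so it is rejected instead of silently opening the wrong
 * file inside the jail. */
int open_from_saved_root(int rootfd, const char *relpath, int flags)
{
    if (relpath == NULL || relpath[0] == '/') {
        errno = EINVAL;
        return -1;
    }
    return openat(rootfd, relpath, flags);
}

/* Step 3b: alternatively make the saved root the working directory.
 * Relative paths then resolve on the host side although the process is
 * still jailed and chrooted; absolute paths remain inside the jail. */
int cd_to_saved_root(int rootfd)
{
    return fchdir(rootfd);
}

int main(int argc, char **argv)
{
    if (argc != 3) {
        fprintf(stderr, "usage: %s jid relative/host/path\n", argv[0]);
        return 2;
    }
    int jid = atoi(argv[1]);
    int rootfd = save_root_dir();
    if (rootfd < 0) {
        perror("open /");
        return 1;
    }
    if (enter_jail(jid) != 0) {
        perror("jail_attach");
        return 1;
    }
    /* Now inside the jail, yet the host file is still reachable. */
    int fd = open_from_saved_root(rootfd, argv[2], O_RDONLY);
    if (fd < 0) {
        perror(argv[2]);
        return 1;
    }
    char buf[256];
    ssize_t n = read(fd, buf, sizeof buf - 1);
    if (n > 0) {
        buf[n] = '\0';
        printf("read %zd bytes from host %s via saved root fd:\n%s",
               n, argv[2], buf);
    }
    close(fd);
    close(rootfd);
    return 0;
}
```

Run as root on FreeBSD with `./a.out <jid> etc/rc.conf` to read the host's rc.conf from inside the jail. The sysctl Jamie refers to is kern.chroot_allow_open_directories; the same open-directory descriptor is the classic way out of a plain chroot, which is why a jexec(8) option doing this would have to be explicit: any process holding such a descriptor is not confined by the jail's root.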