Date: Sun, 17 May 2020 07:28:46 +0700
From: Eugene Grosbein <eugen@grosbein.net>
To: ihor@antonovs.family, freebsd-security@freebsd.org
Subject: Re: Malicious root user sandboxing
Message-ID: <442284bc-e137-f5de-aee6-1d5c69e7d3b8@grosbein.net>
In-Reply-To: <1641188.rRC0nNcZtX@amos>
References: <1641188.rRC0nNcZtX@amos>
17.05.2020 7:02, Ihor Antonov wrote:

> So far it seems that my endeavor is doomed. Any comments or suggestions are
> appreciated.

You'll need to write and test lots of kernel-level code to achieve this.

I'd suggest you re-think your decision about jails, because it seems jails can really be the solution if you combine jails with other system abilities.

For example, sharing a subtree with r/o access is easily achieved using a read-only nullfs mount.

Also, shared PAM does not mean duplication of the system user database; take a look at:

man -k pam_|fgrep '(8)'

Usage of jails does not require any modification of the application. I did it for multiple setups and it works perfectly.

As a last resort, you may run a nested FreeBSD system using bhyve(8).
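As an added example (not part of the thread), here is a jail.conf(5) fragment implementing the layout the reply describes: the application runs inside a jail and sees the shared subtree only through a read-only nullfs mount, with the jail's own privileges reduced. The jail name, paths, hostname and address are assumed placeholders.

```conf
# /etc/jail.conf -- added example, not from the thread.
# Settings applied to every jail defined in this file.
exec.start  = "/bin/sh /etc/rc";
exec.stop   = "/bin/sh /etc/rc.shutdown";
exec.clean;
mount.devfs;
devfs_ruleset = 4;          # the default jail devfs ruleset from /etc/defaults/devfs.rules
path = "/jails/$name";      # assumed: one root per jail under /jails

# The jail that hosts the untrusted application (assumed name "app").
app {
    host.hostname = "app.example.invalid";   # assumed
    interface = "lo1";                         # assumed cloned loopback for jail traffic
    ip4.addr  = 192.0.2.10;                    # documentation address, assumed

    # Share the host subtree (assumed path /srv/shared) read-only via nullfs.
    # Because the mount is "ro", even root inside the jail cannot write to it;
    # the jail cannot remount it either, since allow.mount is off.
    mount = "/srv/shared /jails/app/shared nullfs ro 0 0";

    # Keep the jail's root from reaching outside its box.
    allow.mount          = 0;   # no filesystem mounts from inside the jail
    allow.raw_sockets    = 0;   # no raw sockets (no packet crafting)
    allow.sysvipc        = 0;   # no shared SysV IPC with the host
    allow.chflags        = 0;   # cannot clear system immutable/append-only flags
    allow.set_hostname   = 0;
    enforce_statfs       = 2;   # only the jail's own mounts are visible to statfs
    securelevel          = 3;   # securelevel inside the jail is independent of the host's
    children.max         = 0;   # no nested jails
}
```

With this in place, `service jail start app` brings the jail up, and a write attempt on /shared from inside it (for example via jexec(8)) fails with "Read-only file system".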