jailutils security issue, and possible issue with 'jail'

Board: FB_security, posted 2004/07/08 10:46
Since some of you use the jailutils package, I just wanted to post some additional info on the recent 'security fix' and also highlight a possible issue with the 'jail' command.

http://memberwebs.com/nielsen/freebsd/jails/jailutils/security.html

It's not a very big issue (unless I'm missing something), simply one of leaking the host environment into the jail. This might be used legitimately in certain cases, but in most cases it's probably a good idea to clear out the environment before executing the jail() or jail_attach() syscalls.

The 'jstart' utility included in jailutils does this and it would probably be a good addition to 'jexec' and/or 'jail'.

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
Article code (AID): #10xBM300 (FB_security)
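The environment clearing the post recommends, as an added example that is not part of the original message and not code from jailutils, jexec or jail. The variable `HOST_SECRET`, the helper names and the contents of `clean_env` are assumptions made for illustration; the jail call itself is left as a comment so the code also builds on systems other than FreeBSD.

```c
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

extern char **environ;

/* Minimal environment for the jailed process (constructed values). */
static char *clean_env[] = {
    "PATH=/sbin:/bin:/usr/sbin:/usr/bin", "HOME=/", "SHELL=/bin/sh", NULL
};

/* Fork, discard the inherited environment, exec argv; child's stdout -> buf. */
int run_clean(char *const argv[], char *buf, size_t len)
{
    int fds[2], status;
    size_t off = 0;
    ssize_t n;
    pid_t pid;
    if (pipe(fds) < 0 || (pid = fork()) < 0)
        return -1;
    if (pid == 0) {
        dup2(fds[1], STDOUT_FILENO);
        close(fds[0]);
        close(fds[1]);
        environ = clean_env;   /* host variables are gone from here on */
        /* A FreeBSD tool would call jail() or jail_attach() at this point. */
        execv(argv[0], argv);  /* execv passes the current environ */
        _exit(127);
    }
    close(fds[1]);
    while (off + 1 < len && (n = read(fds[0], buf + off, len - 1 - off)) > 0)
        off += (size_t)n;
    buf[off] = '\0';
    close(fds[0]);
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

/* 1 if a variable set in the parent is visible to the child, 0 if not. */
int host_var_leaks(void)
{
    char out[256];
    char *const argv[] = { "/bin/sh", "-c", "echo \"${HOST_SECRET-unset}\"", NULL };
    setenv("HOST_SECRET", "constructed-value", 1);
    if (run_clean(argv, out, sizeof out) != 0)
        return -1;
    return strstr(out, "constructed-value") != NULL;
}
```

Replacing `environ` with a fixed list, rather than unsetting known variables one by one, means a variable the tool's author never thought of cannot cross into the jail.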