Re: Possible security issue with jails
In message <20050111221055.GD68350@micah.tamu.edu>, Micah writes:
>Howdy!
>
>I'm not sure if this is actually an issue, feature or a bug, but I have found
>that inside a jail, the jailed root user is able to sniff traffic (and enable
>promiscuous mode) on at least the interface of the IP address the jail is attached
>to.
Only if you leave bpf devices in the devfs mounted on the jail.
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)