Re: Rooting FreeBSD , Privilege Escalation using Jails (P??????t
On Sun, May 8, 2011 at 2:52 PM, Jason Hellenthal <jhell@dataix.net> wrote:
>
> Edho,
>
> It should also be noted here that the jailed root user also has permission
> to chmod(1) '/' to anything he or she wants unless you have taken
> precaution to not allow that. I would reccoment storing your jails two
> levels deep into a directory and chmod(1) 700 the first level to prevent
> access from the host and from the jailed root user changing the perms.
>
I indeed changed the permission above the jail's root. I usually make
it like this:
/jails/jailname/root
and I set 700 on /jails/jailname. It's been a long time but as I said
before I don't remember encountering permission problem in the jail.
Or perhaps I remembered it wrong.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 2 之 29 篇):