Re: Rooting FreeBSD , Privilege Escalation using Jails (P??????t

看板FB_security作者時間14年前 (2011/05/11 03:32), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串20/29 (看更多)
On Tue, May 10, 2011 at 04:08:56PM +0100, Jamie Landeg Jones wrote: > > It used to confuzzle sysadmins on SUNos when the mount point was > > 0700. The underlying mode disapeared when the mount was made, but it > > was still being enforced. Suddenly no one but root could use say /usr > > even though it was apparently 0755 > I remember that happening! I thought it was like that on FreeBSD too, > but if it was, it isn't any longer! It is still required for .. to work. For example, if the /usr directory on / is 700 but the directory on the mounted filesystem is 755, everyone can use pathnames under /usr but only root can use /usr/.. which is confusing and undesirable. > I always make mount-points 0111 these days I'd recommend to keep doing that :) -- Jilles Tjoelker _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 jilles. 的文章
文章代碼(AID): #1DoPApMT (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 20 之 29 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共29篇)
更多 jilles. 的文章
文章代碼(AID): #1DoPApMT (FB_security)