DoS from within jail

From: Yonatan Bokovza (Yonatan@xpert.com)
Date: 03/31/02 

From: Yonatan Bokovza <Yonatan@xpert.com>
To: "'security@freebsd.org'" <security@freebsd.org>
Date: Sun, 31 Mar 2002 16:01:33 +0300

Hi,
Do you think it's a security issue,
that root in jail can DoS the hosting
server and other jails on it with a
forkbomb ?

Best Regards,

Yonatan

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Relevant Pages

  • RE: Future development of Jail (was Re: corporate backers of freebsd)
    ... apparently never run the Microsot authentication server. ... have your answer as to why jail is a dead-end. ... Actually, somebody was paying the jail developer, and then ... FreeBSD server in a commercial corporate network over 13 years ago. ...
    (freebsd-questions)
  • Re: Spam Problem
    ... I'm lost on this jail stuff. ... Configuring a jail is pleasantly simple. ... To relay any domains - that is to let them use your server - you ... And the latest sendmail is picky and rejects things by default ...
    (comp.unix.bsd.freebsd.misc)
  • apache in "strange" jail getting permissions errors
    ... I create a master jail that I do not "boot". ... What I want to do is use my Solaris 10 server with 1.7TB ZFS file system exported through NFS as the root for each jail, with the same nullfs mounts as used above in the mdversion. ... So what I did is set up a local directory on the FBSD system with the normal / directories as I do above in the mdway of doing things and left a local directory for the apache stuff. ... The exact same apache config file when using the mdbacked space with all the same files and permissions, ...
    (freebsd-questions)
  • Re: Make a jail visible in different networks
    ... I need to have my jail serving in both LAN and VPN networks. ... static routes between your 10.5.1/24 subnet and your 192.168.1/24 subnet, or setting up additional VPN endpoint on the 192.168.1/24 network, or using NAT to map the jail IP onto the 10.5.1/24 netblock. ... 192.168.1.1 xl0 is linked to other remote server through tun0 with openvpn. ... As I said before, I'm also running mpd4 listening on ng0, and a jail with samba services on 192.168.1.10 xl0 alias. ...
    (freebsd-questions)
  • Re: hiding system directories
    ... of my server. ... sound technical reasons for it, but the main reason seems to be ... within that jail. ... over HTTPS to provide read/write access to a secured directory and not ...
    (comp.os.linux.security)