Re: Possible security issue with jails
From: Poul-Henning Kamp (phk_at_phk.freebsd.dk)
Date: 01/11/05
- Previous message: Micah: "Possible security issue with jails"
- In reply to: Micah: "Possible security issue with jails"
- Next in thread: Micah: "Re: Possible security issue with jails"
- Reply: Micah: "Re: Possible security issue with jails"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Micah <micah@micah.ws> Date: Tue, 11 Jan 2005 23:05:43 +0100
In message <20050111221055.GD68350@micah.tamu.edu>, Micah writes:
>Howdy!
>
>I'm not sure if this is actually an issue, feature or a bug, but I have found
>that inside a jail, the jailed root user is able to sniff traffic (and enable
>promiscuous mode) on at least the interface of the IP address the jail is attached
>to.
Only if you leave bpf devices in the devfs mounted on the jail.
-- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Micah: "Possible security issue with jails"
- In reply to: Micah: "Possible security issue with jails"
- Next in thread: Micah: "Re: Possible security issue with jails"
- Reply: Micah: "Re: Possible security issue with jails"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
