Re: HEADS UP: Re: FreeBSD Security Advisory FreeBSD-SA-07:01.jail



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Pawel Jakub Dawidek wrote:

In other words, it may break existing configurations.

Sorry, I meant "pwd -P" and assumed that, according to pwds man page, to
be default.

cd ${jail_root}
j_root=`pwd`
cd ${jail_var_log_dir}
j_var_log=`pwd`
eval evil_doer=\$\{j_var_log#${j_root}\}
[ "$evil_doer" = "$j_var_log" ] && exit

--> Race <--

cp -f ${temp_log} console.log

No, since that directory is your cwd, you operate on ./ which wont
change by setting soft links along the path. You won't even be able to
remove that directory in the first place since the directories vnode is
locked.

Regards

erdgeist
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (Darwin)

iD8DBQFFq+7tImmQdUyYEgkRAiJ2AJoCdbM8rPn8F/8atVBRzwGcJOZhHQCeO6Hi
ILSZnZ7jgsUhOiZi3M6fkDo=
=0IXe
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"



Relevant Pages