Re: Rooting FreeBSD , Privilege Escalation using Jails (P??????tur)




Do you know if there is a way that chmod on / from within the jail could
be prevented easily without breaking something ? Maybe not failing but
falling though and return 0 for any operation with the sole argument of /.

Enforcing 700 on the jail root?

Whilst I was wrong on chmod 700 on (say) /usr/jails it is still the case
that the root directory of the jail itself (/usr/jail/jailname) has to
be 755 for non-root processeses within the jail to access the filesystem!

cheers,
Jamie
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"



Relevant Pages