Improving FreeBSD-SA-07:01.jail fix [was: HEADS UP: Re: FreeBSD
Security Advisory FreeBSD-SA-07:01.jail]
Pawel Jakub Dawidek
pjd at FreeBSD.org
Sat Jan 20 13:03:56 UTC 2007
On Sat, Jan 20, 2007 at 01:24:33PM +0100, Simon L. Nielsen wrote:
[...]
> BTW. with regard to the console.log file I really don't think it
> should be put back inside the jail unless it's possible to make the
> generation of the file entirely inside the jail since it's just not
> worth the risk/complexity. I think it should be possible to do this
> with jail(8) in -CURRENT (see -J flag), but:
When -J operates on a file inside a jail, it create the same security
hole as the one from security advisory, because it opens a file before
calling jail(2).
I fully agree that console.log should be outside a jail. At least noone
proposed safe solution so far, which also means it's not an easy fix.
--
Pawel Jakub Dawidek http://www.wheel.pl
pjd at FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20070120/ba051e7f/attachment.pgp
More information about the freebsd-security
mailing list