[Bug 262180] jail escaping via jail-friendly nullfs

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 262180] jail escaping via jal-friendly nullfs"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Sat, 13 Jul 2024 12:02:52 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262180

--- Comment #6 from Thibault Payet <monwarez@mailoo.org> ---
(In reply to Thibault Payet from comment #5)
Note that this does not work on ZFS if each jail are in separate datasets. See
the result when using a dataset for /j

zfs create zroot/j
zfs set mountpoint=/j zroot/j
mkdir /j/1
mkdir -p /tmp/a /tmp/a/b/c /tmp/a/b/c/test /tmp/a/d
mount -t nullfs /tmp/a/b/c /tmp/a/d
cd /tmp/a/d/test/
mv /tmp/a/b/c/test /tmp/a/b/test

ls -al ../../../../..
Return

ls: ..: No such file or directory
total 2
drwxr-xr-x  3 0 0 3 Jul 13 11:54 .
drwxr-xr-x  7 0 0 7 Jul 13 11:54 1

And
ls -al ../../../../../..
Return
ls: ../../../../../..: No such file or directory

-- 
You are receiving this mail because:
You are the assignee for the bug.