Re: Non-root chroot
- In reply to: Daniel O'Connor : "Re: Non-root chroot"
Date: Tue, 05 Aug 2025 02:06:25 UTC
You can get a high degree of privilege control using Solaris 11 roles and its RBAC formulary. Was this not of interest to FreeBSD as a palliative for fine grained process/user privilege control as an alternative solution to chroot/jail use cases?

On Mon, Aug 4, 2025 at 9:42 PM Daniel O'Connor <darius@dons.net.au> wrote:
>
> On 4 Aug 2025, at 22:56, Jason Bacon <bacon4000@gmail.com> wrote:
> > On 8/3/25 23:41, Daniel O'Connor wrote:
> >>> On 3 Aug 2025, at 18:39, Dmitry Mikushin <dmitry@kernelgen.org> wrote:
> >>> Important point is that the user is not obliged to hand in any particular "su" program. The user may hand in any "su"-like code suitable for escaping the chroot.
> >> You can’t create a setuid binary owned by root without being root so it doesn’t matter.
> >> --
> >> Daniel O'Connor
> >> "The nice thing about standards is that there
> >> are so many of them to choose from."
> >> -- Andrew Tanenbaum
> >
> > It may be possible to nullfs mount something into the chroot dir, or dupe the superuser into copying a root-owned file in. The listing below was run in a user-level chroot, where I copied /usr/bin/su in as root from the host:
>
> You can’t mount something without being root unless vfs.usermount is set.
>
> I guess if you can nullfs mount with vfs.usermount then that is an issue, although I hope that forces nosuid on but I haven’t checked.
>
> --
> Daniel O'Connor
> "The nice thing about standards is that there
> are so many of them to choose from."
> -- Andrew Tanenbaum
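The open question in the quoted reply is whether a nullfs mount made under vfs.usermount inside a user-level chroot ends up with nosuid. The script below is an added audit helper, not code from this thread or from FreeBSD: it takes a chroot directory and mount(8)-style output on stdin and lists the mounts under that directory that lack the nosuid option, so an administrator can see where a root-owned setuid binary would be honoured. The mount lines are constructed samples in the format FreeBSD's mount(8) prints; the function name is an assumption.

```shell
#!/bin/sh
# Constructed sample of mount(8) output (FreeBSD format: "dev on mountpoint (opts)").
SAMPLE_MOUNTS='/dev/ada0p2 on / (ufs, local, soft-updates)
/usr/bin on /home/alice/chroot/usr/bin (nullfs, local, nosuid)
/usr/local on /home/alice/chroot/usr/local (nullfs, local)
/tmp on /home/alice/chroot/tmp (nullfs, local, nosuid, noexec)
/dev/ada0p3 on /home (ufs, local)'

# suid_capable_mounts CHROOT_DIR   (mount lines on stdin)
# Prints, one per line, every mount point at or below CHROOT_DIR whose
# option list does not contain "nosuid". Hypothetical helper name.
suid_capable_mounts() {
    chroot_dir=${1%/}
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        # Third whitespace-separated field is the mount point.
        mnt=$(printf '%s\n' "$line" | awk '{print $3}')
        # Options are the comma-separated list inside the trailing parentheses.
        opts=${line##*\(}
        opts=${opts%\)}
        opts=$(printf '%s' "$opts" | tr -d ' ')
        case "$mnt" in
            "$chroot_dir"|"$chroot_dir"/*) ;;   # inside the chroot: inspect it
            *) continue ;;                      # elsewhere: not reachable
        esac
        case ",$opts," in
            *,nosuid,*) ;;                      # setuid bits ignored here
            *) printf '%s\n' "$mnt" ;;          # setuid bits would be honoured
        esac
    done
}

# On a live FreeBSD host the inputs would come from the system instead:
#   sysctl -n vfs.usermount        # 1 means unprivileged users may mount at all
#   mount | suid_capable_mounts /path/to/chroot
printf '%s\n' "$SAMPLE_MOUNTS" | suid_capable_mounts /home/alice/chroot
```

On the sample data only /home/alice/chroot/usr/local is reported, because the other mounts under the chroot carry nosuid and /home sits outside it.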