[Bug 215250] jail break under particular circumstance
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Dec 12 14:40:52 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215250
Jamie Gritton <jamie at FreeBSD.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jamie at FreeBSD.org
Resolution|--- |Works As Intended
Status|New |Closed
--- Comment #2 from Jamie Gritton <jamie at FreeBSD.org> ---
Yes, it's expected behavior. It's not so much a "break" as being pulled out of
the jail by an administrator with proper permission who presumably knows what
he's doing.
Preventing an assisted break like this would be doable, but would involve
either tracing all .. traversals back to at least a prison root, or attaching a
prison reference to every directory in the vnode cache. Both of those seem to
be a bit of overkill.
I have to admin I've done the very thing in the example: temporarily moving
/usr/ports to a jail. Lately I've gone with nullfs instead, which doesn't open
this hole.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-jail
mailing list