Rooting FreeBSD , Privilege Escalation using Jails (P??????tur)
Jamie Landeg Jones
jamie at bishopston.net
Tue May 10 12:20:10 UTC 2011
> Do you know if there is a way that chmod on / from within the jail could
> be prevented easily without breaking something ? Maybe not failing but
> falling though and return 0 for any operation with the sole argument of /.
Enforcing 700 on the jail root?
Whilst I was wrong on chmod 700 on (say) /usr/jails it is still the case
that the root directory of the jail itself (/usr/jail/jailname) has to
be 755 for non-root processeses within the jail to access the filesystem!
cheers,
Jamie
More information about the freebsd-security
mailing list