Rooting FreeBSD, Privilege Escalation using Jails (Pétur)
Jamie Landeg Jones
jamie at bishopston.net
Tue May 10 19:26:34 UTC 2011
> It is still required for .. to work.
>
> For example, if the /usr directory on / is 700 but the directory on the
> mounted filesystem is 755, everyone can use pathnames under /usr but only
> root can use /usr/.. which is confusing and undesirable.
>
> > I always make mount-points 0111 these days
>
> I'd recommend to keep doing that :)

Wow! Good catch! I missed that!

And I note that ".." doesn't even appear on an ls -a

That tells you too, Chris Rees :-)

Ok, I'll stick with 0111 - also, the reason I use 0111 instead of just
the default 755 (or whatever) is that it's an alert to me if some mount isn't
mounted for whatever reason.

To me, 0111 means mount-point only, period.

Cheers,
Jamie
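
Added example (not part of the original message): a shell check that turns the 0111 convention above into an automated alert by reading fstab-format lines and reporting any mount point whose bare 0111 directory is visible. The function names are hypothetical, and it assumes every mount-point directory was created with mode 0111 and that no mounted filesystem root uses that mode itself.

```shell
#!/bin/sh
# Added example: report mount points that still show their underlying
# 0111 directory, i.e. the filesystem that should cover them is not mounted.

# Print the octal permission bits of a path (GNU stat first, then BSD stat).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null
}

# Classify one path: "missing" if it is not a directory, "unmounted" if
# the bare 0111 mount-point directory is visible, otherwise "ok".
check_mountpoint() {
    if [ ! -d "$1" ]; then
        echo missing
    elif [ "$(mode_of "$1")" = "111" ]; then
        echo unmounted
    else
        echo ok
    fi
}

# Read fstab-format lines on stdin; print "<mountpoint>: <state>" for every
# entry that is not "ok". Returns 1 if anything was reported.
audit_fstab() {
    rc=0
    while read -r dev mnt fstype opts rest; do
        case "$dev" in ''|'#'*) continue ;; esac          # blank or comment
        case "$mnt" in /*) ;; *) continue ;; esac          # swap uses "none"
        case ",$opts," in *,noauto,*) continue ;; esac     # not expected at boot
        state=$(check_mountpoint "$mnt")
        [ "$state" = ok ] || { echo "$mnt: $state"; rc=1; }
    done
    return $rc
}

# Stand-alone use: sh thisfile --audit [fstab-path]
if [ "${1:-}" = "--audit" ]; then
    audit_fstab < "${2:-/etc/fstab}"
fi
```

Run from cron or a monitoring agent, a non-zero exit means some filesystem listed in fstab is not covering its mount point.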