Thoughts on jail privilege (FAQ submission)
Jan Demter
jan-mailinglists at demter.de
Fri Jan 16 17:15:29 PST 2009
On 15.01.2009 at 19:31, Jon Passki wrote:
> Another thing to think about is user IDs. You could have a user ID
> in your host of 1001. Your jail could have a completely different user
> account, but collide on the user ID of 1001. Your host user ID 1001 will
> have access to those jail user ID 1001 files, unless you restrict a parent
> directory. That was the use case I came across and avoided.
I do not think restricting directories will help you a lot against
these attacks.
User 1001 on the host has access to all running processes of user 1001
in the jail and should be able to simply inject code to read the files
via debugging interfaces.
As Snuggles said, best practice is to not allow access to the host to
anyone. If you have to, you should avoid collisions of user IDs.
Greetings
Jan
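The advice above is to avoid UID collisions between host and jail accounts. As an added example (not code from the thread or from FreeBSD), the script below checks a host passwd file against a jail's passwd file and reports every numeric UID that is used by differently named accounts in the two files, which is exactly the situation Jon describes. The file paths and the passwd contents are constructed for illustration; on a real system you would point it at /etc/passwd on the host and at /path/to/jail/etc/passwd. Accounts that share both the name and the UID are treated as intentionally shared and are not reported.

```shell
#!/bin/sh
# Added example, not part of the original mailing list post.
# Detects numeric UID collisions between a host passwd file and a jail
# passwd file. All inputs below are constructed sample data.

# find_uid_collisions HOST_PASSWD JAIL_PASSWD
# Prints one line per UID that appears in both files under different
# account names, as "uid host_name jail_name".
# Returns 1 if at least one collision was found, 0 otherwise.
find_uid_collisions() {
    awk -F: '
        # skip comment lines and anything that is not a passwd entry
        /^#/ || NF < 3 { next }
        # first pass: remember host account name per UID
        NR == FNR { host[$3] = $1; next }
        # second pass (jail file): same UID, different name -> collision
        ($3 in host) && host[$3] != $1 {
            print $3, host[$3], $1
            found = 1
        }
        END { exit found ? 1 : 0 }
    ' "$1" "$2"
}

# Constructed sample data (hypothetical accounts). UID 1001 is "alice" on
# the host but "www-app" in the jail; 1002 is the same account in both.
HOST_PASSWD=$(mktemp)
JAIL_PASSWD=$(mktemp)
trap 'rm -f "$HOST_PASSWD" "$JAIL_PASSWD"' EXIT

cat > "$HOST_PASSWD" <<'EOF'
# $FreeBSD$-style comment line, must be ignored
root:*:0:0:Charlie &:/root:/bin/sh
alice:*:1001:1001:Alice:/home/alice:/bin/sh
bob:*:1002:1002:Bob:/home/bob:/bin/sh
EOF

cat > "$JAIL_PASSWD" <<'EOF'
root:*:0:0:Charlie &:/root:/bin/sh
www-app:*:1001:1001:Web app:/nonexistent:/usr/sbin/nologin
bob:*:1002:1002:Bob:/home/bob:/bin/sh
EOF

if find_uid_collisions "$HOST_PASSWD" "$JAIL_PASSWD"; then
    echo "no UID collisions between host and jail"
else
    echo "UID collisions found; host users with these UIDs can reach jail processes and files"
fi
```

Run it with the two passwd files as arguments; any line it prints is a UID whose host owner can, as Jan points out, reach the jail's processes and files regardless of directory permissions. On FreeBSD the sysctls security.bsd.see_other_uids and security.bsd.unprivileged_proc_debug are also worth checking when reviewing a host's exposure, but they do not replace keeping the UID ranges disjoint.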
More information about the freebsd-security mailing list