Re: Rooting FreeBSD , Privilege Escalation using Jails (Pétur)
Chris Rees
utisoft at gmail.com
Fri May 6 18:12:30 UTC 2011
On 6 May 2011 17:18, "Mark Felder" <feld at feld.me> wrote:
>
> On Fri, 06 May 2011 10:13:50 -0500, Daniel Jacobsson <
daniel.jacobsson.90 at gmail.com> wrote:
>
>> Can someone confirm if this bugg/exploit works?
>
>
> It's really not a bug or exploit... it's just the guy being crafty. It
only makes sense: the jails access the same filesystem as the host. Put a
file setuid in the jail and use your user on the host to execute that file
and voila, you're now running that executable as root.
>
> Your users should NEVER have access to the host of the jail.
>
>
More information about the freebsd-security
mailing list