Rooting FreeBSD , Privilege Escalation using Jails (P??????tur)
Jilles Tjoelker
jilles at stack.nl
Tue May 10 19:09:58 UTC 2011
On Tue, May 10, 2011 at 04:08:56PM +0100, Jamie Landeg Jones wrote:
> > It used to confuzzle sysadmins on SUNos when the mount point was
> > 0700. The underlying mode disapeared when the mount was made, but it
> > was still being enforced. Suddenly no one but root could use say /usr
> > even though it was apparently 0755
> I remember that happening! I thought it was like that on FreeBSD too,
> but if it was, it isn't any longer!
It is still required for .. to work.
For example, if the /usr directory on / is 700 but the directory on the
mounted filesystem is 755, everyone can use pathnames under /usr but only
root can use /usr/.. which is confusing and undesirable.
> I always make mount-points 0111 these days
I'd recommend to keep doing that :)
--
Jilles Tjoelker
More information about the freebsd-security
mailing list