misc/187307: Security vulnerability with FreeBSD Jail
Dag-Erling Smørgrav
des at des.no
Thu Mar 20 12:36:49 UTC 2014
Xin Li <delphij at delphij.net> writes:
> a) you have account on *both* jail and host system.
> b) you attempted to log in into jail's IP, which is also bound to host
> system;
> c) your configuration didn't explicitly specify SSH's listening
> address on host, so it's a wildcard (Listen 22 instead of Listen
> hostip:22, where you can see in sockstat -4l as *:22 for sshd).
> d) when jail is shut down, when you connect to the jail's IP, you
> connected into the host.
I would like to point out that if you follow the documented procedure
for configuring and managing jails, the jail's IP goes away when the
jail shuts down. This has been the case since at least 8.x using the
old-style rc.conf variables (jail_foo_interface, jail_foo_ip), and it is
still the case in 10.0 using the new-style jail.conf.
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-security
mailing list