On Mon, Mar 11, 2002 at 04:13:16PM -0800, Patrick Thomas wrote:
>
> Let's say I am running in a jail, and say 5 other people are running in
> other, seperate jails on the same machine.
>
> Now lets say I start up pgp, and generate my keys, and generally use pgp
> through the command line in my jail. Or, instead of pgp I do other crypto
> related sensitive activities...
>
> what is my risk here ? Can someone either on the host machine or in one
> of the other jails watch memory on the machine and discern things like my
> keys or passphrases or have very easy access to the data I am decrypting ?
As always, root on the host ownz you. root in your jail probably does
too. If the jails are set up "promiscuously," I can think of ways
users in other jails could get information, but if they are set up
well, I don't see any straightforward attacks. But I haven't done
exhaustive research.
--
Crist J. Clark | [EMAIL PROTECTED]
| [EMAIL PROTECTED]
http://people.freebsd.org/~cjc/ | [EMAIL PROTECTED]
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
