On Wed, 25 Jun 2008, Alexander Leidinger wrote:

> Oh: I haven't checked if this actually works. I don't know if all places DTRT then. Normally it should work, but you better test if it really puts the FS in the place where you want it, that you can mount/umount it, that "mount -v" shows the expected output on the host and in the jail, and so on.
>
> Similar things can be done for src/sys/fs/{cd9660|msdosfs|ntfs|nullfs|smbfs|udf|unionfs}. Those are the FS's which _should_ be safe, either because they work with untrusted data anyway, or because it's a loopback mount. But again, I haven't tested any of them (I have them patched locally, but even the initial testing is on my TODO list with a low priority).

Safe in the sense that they might, or might not, immediately panic. Not safe in the sense that the resulting system would necessarily have the expected or desired security properties. It wouldn't surprise me if, just for example, allowing user mounting of nullfs from within jail allowed the user to escape from the jail and access files outside the jail in the host system.

Establishing that this is not the case is fairly non-trivial and has to be done very carefully. I would recommend extreme caution.

Robert N M Watson
Computer Laboratory
University of Cambridge
_______________________________________________
freebsd-jail@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-jail