7 messages in org.freebsd.freebsd-securityRE: jail and NFS| From | Sent On | Attachments |
|---|---|---|
| zhuravlev alexander | Jan 14, 2002 5:04 am | |
| Steve Shorter | Jan 14, 2002 6:13 am | |
| Robert Watson | Jan 14, 2002 6:42 am | |
| zhuravlev alexander | Jan 14, 2002 9:30 am | |
| zhuravlev alexander | Jan 14, 2002 9:37 am | |
| Ryan C. Creasey | Jan 14, 2002 10:59 am | |
| Robert Watson | Jan 14, 2002 8:03 pm |
| Subject: | RE: jail and NFS | |
|---|---|---|
| From: | Robert Watson (rwat...@FreeBSD.ORG) | |
| Date: | Jan 14, 2002 8:03:03 pm | |
| List: | org.freebsd.freebsd-security | |
On Mon, 14 Jan 2002, Ryan C. Creasey wrote:
But there are too many little instances that I seem to overlook. Does anyone know of a project (freshmeat?) out there that does this? Or am I just unusual for wanting users to believe they're not in a jail?
The problem is that it would be almost impossible to hide all evidence of the user being in a jail, due to the way in which jail is implemented. If you have root in the jail, you can trivially tell simply by attempting certain privileged operations, which are limited in jail. In fact, configuring a /dev such that it didn't look like a jail, in practice, would leave you with a system that wasn't in jail :-). Hiding this requires a great deal of virtualization, and is probably better suited to VMware-like solutions. Hiding the nature of the host environment, on the other hand, is something that is much easier to do. It would probably be worth adding another policy tweak sysctl to hide mount information, which is something I've seen a number of requests for. FreeBSD 5.0-CURRENT does a much better job of limiting information leak into jail, btw, than 4.x-STABLE, due to a reworking of the inter-process authorization.
Robert N M Watson FreeBSD Core Team, TrustedBSD Project rob...@fledge.watson.org NAI Labs, Safeport Network Services
To Unsubscribe: send mail to majo...@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message