From: Nomad (mailman_at_crypton.pl)
Date: Tue Sep 10 2002 - 09:25:42 CDT


    So, you are wrong and I have to correct you.
    To read a file in the way you described, the user has to have x permission to all subdirectories and x permission to the executable file.
    We assume that you have x permission to the executable, but for the root directory of the jail you don't.

    On Mon, Sep 09, 2002 at 08:49:34AM -0600, bsdxtremedev.com wrote:
    > > A reasonable solution is to block access to the jailed filesystems
    > > from non-jailed accounts. Just do the following:
    > >
    > > install -m u=rwx,go= -d /usr/fence
    > > install -d /usr/fence/jail
    > >
    > > Then use the fenced off directory as your jail root. We are
    > > successfully running desktops with multiple developer jails in this sort of
    > > configuration and things work great. This excludes anyone but root from
    > > using suid binaries from a jail, and well, root's already root.
    >
    > Er, I don't believe this solves the issue. If the user knows the full path
    > from the host system to the suid binary s/he created in the jail, s/he can
    > access it directly as a regular user in the host environment. Ie., typing
    > in:
    >
    > /usr/fence/jail/usr/home/baduser/bin/rootshell
    >
    > Please correct me if I'm wrong or if I've misunderstood.
    >
    >
    > To Unsubscribe: send mail to majordomoFreeBSD.org
    > with "unsubscribe freebsd-security" in the body of the message

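Added example, not part of the original thread: a Python check of the point made in the reply above, that a path is reachable only if the caller has search (x) permission on every ancestor directory, so a `u=rwx,go=` fence directory stops non-root host users before they reach anything inside the jail. The function names, the `start` parameter and the temporary directory tree are assumptions constructed for illustration; only the classic owner/group/other mode bits are evaluated, not ACLs or MAC policies.

```python
import os
import stat
import tempfile


def can_search(st, uid, gids=()):
    """True if uid may traverse a directory with stat result st (mode bits only)."""
    if uid == 0:
        return True  # root bypasses the search-permission check
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IXUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IXGRP)
    return bool(st.st_mode & stat.S_IXOTH)


def blocking_ancestor(path, uid, gids=(), start="/"):
    """Return the first directory below start that stops uid from reaching path, else None."""
    start = os.path.abspath(start)
    parts = os.path.relpath(os.path.abspath(path), start).split(os.sep)
    current = start
    for part in parts[:-1]:  # every ancestor directory, outermost first
        current = os.path.join(current, part)
        if not can_search(os.stat(current), uid, gids):
            return current
    return None


def build_demo(fenced):
    """Constructed tree: <tmp>/fence/jail/usr/home/baduser/bin/rootshell (empty file)."""
    base = tempfile.mkdtemp()
    fence = os.path.join(base, "fence")
    bindir = os.path.join(fence, "jail", "usr", "home", "baduser", "bin")
    os.makedirs(bindir)
    target = os.path.join(bindir, "rootshell")
    open(target, "w").close()  # placeholder, not a real binary
    for dirpath, _, _ in os.walk(fence):
        os.chmod(dirpath, 0o755)  # ignore the caller's umask
    if fenced:
        os.chmod(fence, 0o700)  # same mode as `install -m u=rwx,go= -d`
    return base, target


if __name__ == "__main__":
    other = os.getuid() + 1000  # constructed uid: neither root nor the owner
    for fenced in (True, False):
        base, target = build_demo(fenced)
        print(fenced, blocking_ancestor(target, other, start=base))
```

Run against a real jail root with `start="/"` and the uid and group ids of a host account to confirm that the fence directory, and not something deeper in the tree, is what denies access.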