|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Possible security issue with jails
From: Micah (micah
micah.ws)
Date: Tue Jan 11 2005 - 18:35:08 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This was the info I needed. Thanks!
-micah
On Tue, Jan 11, 2005 at 11:05:43PM +0100, Poul-Henning Kamp wrote:
> In message <20050111221055.GD68350micah.tamu.edu>, Micah writes:
> >Howdy!
> >
> >I'm not sure if this is actually an issue, feature or a bug, but I have found
> >that inside a jail, the jailed root user is able to sniff traffic (and enable
> >promiscuous mode) on at least the interface of the IP address the jail is attached
> >to.
>
> Only if you leave bpf devices in the devfs mounted on the jail.
>
> --
> Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
> phkFreeBSD.ORG | TCP/IP since RFC 956
> FreeBSD committer | BSD since 4.3-tahoe
> Never attribute to malice what can adequately be explained by incompetence.
> _______________________________________________
> freebsd-securityfreebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"
_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]