On Fri, 06 May 2011 10:13:50 -0500, Daniel Jacobsson <daniel.jacobsson.90@gmail.com> wrote: > Can someone confirm if this bugg/exploit works? It's really not a bug or exploit... it's just the guy being crafty. It only makes sense: the jails access the same filesystem as the host. Put a file setuid in the jail and use your user on the host to execute that file and voila, you're now running that executable as root. Your users should NEVER have access to the host of the jail. _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"