On 6 May 2011 16:54, Mark Felder <feld@feld.me> wrote: > On Fri, 06 May 2011 10:13:50 -0500, Daniel Jacobsson > <daniel.jacobsson.90@gmail.com> wrote: > >> Can someone confirm if this bugg/exploit works? > > It's really not a bug or exploit... it's just the guy being crafty. It only > makes sense: the jails access the same filesystem as the host. Put a file > setuid in the jail and use your user on the host to execute that file and > voila, you're now running that executable as root. > > Your users should NEVER have access to the host of the jail. All the same, I've sent a PR [1] with some doc patches to make people more aware of this -- fulfilling my promise of 2+ years ago :S Thanks! Chris [1] http://www.freebsd.org/cgi/query-pr.cgi?pr=156853 _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"