On Thu, Apr 21, 2005 at 07:39:08AM -0400, c0ldbyte wrote: > Now if that last question is correct and thats the proccess you are using > to create a jail then depending on the situation wouldnt that inturn > defeat some of the main purposes of the jail, like the following. If you > mounted your "/bin" on "/mnt/jail/bin" then if a person that was looking > to break in and effect the system that is currently locked in the "jail" > all he would have to do is just write something to the "jail/bin" which is > actualy your root "/bin" and then the next time a binary is used from your > root directories it could still infect the rest of the system ultimately > defeating the purpose of what you just set up. To my understanding and use > a jail is somewhat totaly independent of the OS that it resides in and > wont be if you are using nullfs to mount root binary directories on it.
ro mount as written by grant parent protects against this. Joerg _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
