On Thursday 03 March 2005 05:23 pm, Ean Kingston wrote:
> > On Thursday 03 March 2005 12:42 pm, Chris Hodgins wrote:
>
> [cut original question and answer]
>
> >> Ok perhaps I should clarify what my intentions are a little
> >> more. I am planning on providing a FreeBSD jail for any member
> >> of a geek society I am a member of.  When I say they are
> >> untrusted, I mean that I won't be giving them full root access
> >> to my server but I trust them enough not to do anything
> >> malicious inside a jail.  It is just like a fun place they can
> >> play and not have to worry to much about breaking things.
> >>
> >> How easy is it exactly to break out of a jail if you have access
> >> to development tools?
> >
> > http://www.securiteam.com/unixfocus/5WP031535U.html
>
> How current is this? The article appears to be dated 2001. Are
> there still buffer-overflow issues with /proc?
>

5.3 and later no longer need proc and it's not mounted by default.

> > If you use securelevels you can a sigificantly improve security.

-- 
Anish Mistry

Attachment: pgpQ4cZxqoqqA.pgp
Description: PGP signature

Reply via email to