On Thursday 03 March 2005 05:23 pm, Ean Kingston wrote: > > On Thursday 03 March 2005 12:42 pm, Chris Hodgins wrote: > > [cut original question and answer] > > >> Ok perhaps I should clarify what my intentions are a little > >> more. I am planning on providing a FreeBSD jail for any member > >> of a geek society I am a member of. When I say they are > >> untrusted, I mean that I won't be giving them full root access > >> to my server but I trust them enough not to do anything > >> malicious inside a jail. It is just like a fun place they can > >> play and not have to worry to much about breaking things. > >> > >> How easy is it exactly to break out of a jail if you have access > >> to development tools? > > > > http://www.securiteam.com/unixfocus/5WP031535U.html > > How current is this? The article appears to be dated 2001. Are > there still buffer-overflow issues with /proc? >
5.3 and later no longer need proc and it's not mounted by default. > > If you use securelevels you can a sigificantly improve security. -- Anish Mistry
pgpQ4cZxqoqqA.pgp
Description: PGP signature