It does not look like you broke it. Moving directories between jails while they are running is not part of the game as it breaks chroot. You could manipulate files between jails with the jails up by using networking, such as ftp.
Obviously, one could program chroot to be able to "eat" this stuff, but it will make the system cumbersome. Remember, Jails are supposed to protect against an outside attacker, not against the sys admin.

Aharon

-----Original Message-----
From: Johan Ström [mailto:[EMAIL PROTECTED]
Sent: Friday, December 28, 2007 7:16 AM
To: [email protected]
Subject: I just broke out of a FreeBSD jail.. Known bug??

Hello list!

I'm running a FreeBSD 6.2-p8 box with a few jails. The other day a user of mine uploaded a number of files to one jail, then I (in the actual system outside of all jails) moved that directory to another jail.. When I later did some chdiring in the original jail, I found myself standing in my other jail's pwd and being able to read/manipulate files!..

Example:
jb-1 (the base machine, jailbox-1)
shell (jail 1)
core (jail 2)

shell /home/johan# pwd
/home/johan
shell /home/johan# ls
.cshrc .irssi .login_conf .mailrc .profile .shrc .zcompdump public_html
.histfile .login .mail_aliases .noident .rhosts .ssh .zshrc
shell /home/johan# mkdir test
shell /home/johan# cd test
shell /home/johan/test# touch asd
shell /home/johan/test# ls -al
total 4
drwxr-xr-x 2 root root 512 Dec 28 13:09 .
drwxr-x--x 6 johan johan 512 Dec 28 13:09 ..
-rw-r--r-- 1 root root 0 Dec 28 13:09 asd
shell /home/johan/test#

Then moving it on the root box

jb-1 /usr/jails# mv shell/home/johan/test core/home/johan/
jb-1 /usr/jails#

And back on shell jail:

shell /home/johan/test# ls
asd
shell /home/johan/test# pwd
pwd: .: No such file or directory
shell /home/johan/test# cd ..
shell /home/johan# ls
.cshrc .lesshst .mailrc .shrc .vimrc file.big roundcube.sql www.tar.gz
.histfile .login .mysql_history .ssh .zcompdump pics stuff
.history .login_conf .profile .vim .zshrc postfix-2.4.5 test
.irssi .mail_aliases .rhosts .viminfo cacert.pem public_html vmail.tar.gz
shell /home/johan#

That's my home dir on core!.. That should very much not be visible there! I have full access now (from the wrong jail!)
Known bug or did I just stumble upon something pretty bad??

--
Johan Ström
Stromnet
[EMAIL PROTECTED]
http://www.stromnet.se/

_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
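
The reply's advice not to move directories between running jails can be enforced with a host-side pre-check before the `mv`. The following is an added example, not part of the original thread: it reports which processes still have their working directory inside a tree that is about to leave its jail root. The jail roots follow the thread's /usr/jails layout; the PIDs, the process list and the function names are constructed, and how the (pid, cwd) list is gathered on the host is left as an assumption.

```python
from pathlib import PurePosixPath

def _inside(path, tree):
    """True if path is tree itself or lies below it (whole components only)."""
    p, t = PurePosixPath(path), PurePosixPath(tree)
    return p == t or t in p.parents

def jail_of(path, jail_roots):
    """Return the jail root containing path, or None for a host-only path."""
    for root in jail_roots:
        if _inside(path, root):
            return root
    return None

def pids_blocking_move(src, dst, jail_roots, proc_cwds):
    """PIDs whose working directory would leave its jail root if src moves to dst.

    All paths are absolute host-side paths. proc_cwds is an iterable of
    (pid, cwd) pairs. Only working directories are checked here; open
    directory descriptors would need the same test.
    """
    src_jail = jail_of(src, jail_roots)
    if src_jail is None or src_jail == jail_of(dst, jail_roots):
        return []  # move stays inside one jail, or src is not jailed at all
    return sorted(pid for pid, cwd in proc_cwds if _inside(cwd, src))

# Constructed sample data: jail roots as in the thread, PIDs made up.
JAIL_ROOTS = ["/usr/jails/shell", "/usr/jails/core"]
PROC_CWDS = [
    (4121, "/usr/jails/shell/home/johan/test"),   # the shell sitting in test/
    (4100, "/usr/jails/shell/home/johan"),
    (4130, "/usr/jails/shell/home/johan/test2"),  # sibling name, must not match
    (977, "/usr/jails/core/home/johan"),
]

if __name__ == "__main__":
    blocked = pids_blocking_move("/usr/jails/shell/home/johan/test",
                                 "/usr/jails/core/home/johan/",
                                 JAIL_ROOTS, PROC_CWDS)
    if blocked:
        print("refusing mv, jailed processes still inside source:", blocked)
```
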
