In message <[EMAIL PROTECTED]>, Matthew Dillon w rites: >: >:In message <[EMAIL PROTECTED]>, Matthew Dillon w >:rites: >:> Hmm. While tracking down a null mount issue I think I might have >:> come across a potentially serious problem with jail. It seems to >:> me that it would be possible for someone inside a jailed environment >:> to 'steal' pty's, tty's, or the tty side of a pty that is being >:> used from within other jails or by processes outside the jail. Has >:> this ever come up before? >: >:There has always been code in kern/tty_pty.c which makes sure that the >:master and slave have the same prison: >: >: } else if (pti->pt_prison != td->td_ucred->cr_prison) { >: return (EBUSY); >: >: >:-- >:Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 >:[EMAIL PROTECTED] | TCP/IP since RFC 956 > > Ah, excellent. Is there a limit inside the prison so a jail cannot > exhaust all available ptys?
No. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 [EMAIL PROTECTED] | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message