-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Pawel Jakub Dawidek wrote:
> When -J operates on a file inside a jail, it create the same security > hole as the one from security advisory, because it opens a file before > calling jail(2). > I fully agree that console.log should be outside a jail. At least noone > proposed safe solution so far, which also means it's not an easy fix. I still suggest using "pwd -P" to get the real path and using the shell's CWD as a lock. That works safely with mount(8) at least. Comments? erdgeist -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (Darwin) iD8DBQFFsiGzImmQdUyYEgkRAlKcAJ4izD1J4x6jDDfvrtr5J+bcmSxK/ACfRpwn x5yVH4uJIN7CWEgYtATKDE0= =sQq3 -----END PGP SIGNATURE----- _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"