On Wed, 27 Jul 2011, Glen Barber wrote:
How is either one of these different ?
All mv(1) is doing is a cp(1) & rm(1). In either case the filehandle is
still broken and a process is not going to just get up and move with it. On
the other side though if you copied a pipe or socket or something similiar
for example into a jail then it might make whatever is outside available to
the jailed environment.
Is there something I am misunderstanding about this ? has the way cp(1),
rm(1) & mv(1) been changed recently ? or is this wording a little off ?
The text in the example is just an example of a situation where it may be
possible for a process within a jail(8) to gain filesystem access outside of
the jail(8).
I wonder, if on these grounds, we should actually advise administrators that
it is a more robust configuration, both in terms of managing free space and
avoiding potential escape paths, to put each jail in its own file system.
Lots of people do this anyway, and as recommendations go, it's not a bad one.
We can then caution that if you *don't* do this, then you need to be careful
about the mv issue.
Robert
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
