Displaying 1 result from an estimated 1 matches for "bpfopen".
Did you mean:
_fopen
2005 Jul 14
2
[ronvdaal@zarathustra.linux666.com: Possible security issue with FreeBSD 5.4 jailing and BPF]
...BPF support is enabled in the kernel
and a BPF device is available in the jail (badly configured devfs/no rules)
The problem lies within the FreeBSD 5.x BPF kernel code:
"The Berkeley Packet Filter provides a raw interface to data link layers
in a protocol independent fashion. The function bpfopen() opens an
Ethernet device. There is a conditional which disallows any jailed
processes from accessing this function."
This conditional was present in the 4.x series kernels but is missing
in 5.x and thus allowing free access to bpfopen() from within a jailed
environment. I think this is r...