similar to: FreeBSD Security Advisory FreeBSD-SA-07:01.jail [REVISED]

Displaying 20 results from an estimated 3000 matches similar to: "FreeBSD Security Advisory FreeBSD-SA-07:01.jail [REVISED]"

2007 Aug 01
0
FreeBSD Security Advisory FreeBSD-SA-07:01.jail [REVISED]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:01.jail Security Advisory The FreeBSD Project Topic: Jail rc.d script privilege escalation Category: core Module: etc_rc.d Announced:
2007 Jan 11
0
FreeBSD Security Advisory FreeBSD-SA-07:01.jail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:01.jail Security Advisory The FreeBSD Project Topic: Jail rc.d script privilege escalation Category: core Module: etc_rc.d Announced:
2007 Jan 11
2
FreeBSD Security Advisory FreeBSD-SA-07:01.jail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:01.jail Security Advisory The FreeBSD Project Topic: Jail rc.d script privilege escalation Category: core Module: etc_rc.d Announced:
2003 Aug 15
0
[PATCH] jail NG schript patch for mounting devfs and procfsautomatically
On 14.08.2003 15:36, Scot W. Hetzel wrote: > I just noticed a problem with periodic scripts inside a jail. I'm getting: > > Local system status: > tee: /dev/stderr: Operation not supported > > Mail in local queue: > tee: /dev/stderr: Operation not supported > > Mail in submit queue: > tee: /dev/stderr: Operation not supported > > in the periodic daily,
2005 Dec 22
0
jails and sysctl in freebsd 6.0
Bug or something, look at this <mother-mail>[~]# cat /etc/sysctl.conf security.jail.allow_raw_sockets=1 security.jail.set_hostname_allowed=0 <mother-mail>[~]# sysctl -a | grep jail security.jail.set_hostname_allowed: 1 <<<<< here security.jail.socket_unixiproute_only: 1 security.jail.sysvipc_allowed: 0 security.jail.enforce_statfs: 2
2006 Dec 19
3
/etc/rc.d/jail: losing IPs if jail_x_interface set and syntax error in jails /etc/rc?
Hi *, I recently triggered an error when setting up a jail-host: I configured the jail(s) like evry jail I set up in the past: On the jail-hosts /etc/rc.conf: # ---- Jail-Globals ---- jail_enable="YES" # Set to NO to disable starting of any jails jail_list="ftp mx1 relay" # Space separated list of names of jails
2003 Sep 10
2
jail + postgresql + System V IPC
HI everyone, I have resently installed a jail environment on my freebsd box, and had some problems getting postgresql running under it. After looking a bit on various mailinglists i figured out that I needed to set jail.sysvipc_allowed to be 1 using sysctl in order to make postgresql run. However man jail gives me: jail.sysvipc_allowed This MIB entry determines whether or not
2003 Jul 10
2
jail performance questions
I'm thinking of using jails to improve security on a server I am setting up. Specifically, I would like to put Apache/PHP in a jail, but I might like to set up 2-3 different jails for different purposes. I've found several examples showing how to set the jails up. My questions involve system requirements. Assuming plenty of disk space, 1GB ram and a dual processor PIII 1.13Ghz
2009 Jan 08
2
Problems with network in jail
Hi all, Is it mandatory to add device mem to jails to enable network via the gateway? Left ezjail with FreeBSD-6.3 (and a hardware replacement of my server) and am now starting again with FreeBSD-7.1. Early this week, I upgraded from 7.0 to 7.1 (not having 'used' jails on 7.0). After creating the jail with `ezjail-admin update -i` I created a 'ports build' jail `ezjail-admin
2005 Aug 26
1
Filtering jail IP traffic
Hi, IP traffic from one jail to another jail, arrives on destination jail on lo0 having the destination jails IP as source IP. Why not the source jail's IP address? How can I filter traffic from one jail to another, using ipfw of ipf? Cheers, -- Anders.
2005 Jun 27
1
running jail with alternate IP
I am currently setting up a firewall that translates my internal network over to 5 public IP addresses. The addresses are dynamically assigned, so I use ddclient to update my www.dyndns.org account. I've set up several aliases on the external interface of the firewall, and succeeded in having the internal computers use those extra public IPs. What I want to do is have 5 copies of ddclient
2005 Feb 15
0
Identd in jail.
Hi Few days ago I've problem with running identd in jail on 4.10-stable I've found that getcred() sysctl isn't permitted from within jail on 4.x. R.Watson suggest some "cheap hack" for this but I've solved this without patching the kernel. My patched ident gets result of getcred() sysctl from jauthd daemon via unix socket. Jauthd is simply getcred proxy, it gets two
2004 Feb 03
0
How to allow a jail to use interface gif0
Heya, i've build a few jails on my system for multiple purposes... I want one of the jails run some ipv6 tunnels but unfortenately I'm not allowed to access/modify gif0 from inside the jail... How can I bypass this security issue (keep in mind that want to run the jail on a ipv4 adress)? Kind regards, Ruben van Gogh ******************************************** The
2003 May 21
1
netstat/ipcs inside jail
Hi, i've got this problem with my jail and i'm abolutly lost as in the why of it. I previously posted this on comp.unix.bsd.freebsd.misc but i was advised to send here I was unable to find help on google :( To resume quick, when i'm in a jail, netstat doesn't work properly. Hopefully i have provided sufficient information for anyone willing to help me :p First of all, my system :
2004 Feb 27
0
FreeBSD Security Advisory FreeBSD-SA-04:03.jail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:03.jail Security Advisory The FreeBSD Project Topic: Jailed processes can attach to other jails Category: core Module: kernel Announced:
2004 Feb 27
0
FreeBSD Security Advisory FreeBSD-SA-04:03.jail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:03.jail Security Advisory The FreeBSD Project Topic: Jailed processes can attach to other jails Category: core Module: kernel Announced:
2013 Feb 12
2
problem stoping jails with jail(8), jail.conf and mount.fstab
Hello, on 9.1-R, I highly appreciate the new jail(8) and jail.conf capabilities. Thanks for that extension! But I have one problem: If I want to stop a jail with 'jaill -r jailname', I get "umount: unmount of /.jail.jailname failed: Device busy" It seems to me that the order of fstab.jailname entries are not reverted by jail(8) when shutting down/umounting. My C skills
2004 Jul 07
0
jailutils security issue, and possible issue with 'jail'
Since some of you use the jailutils package, I just wanted to post some additional info on the recent 'security fix' and also highlight a possible issue with the 'jail' command. http://memberwebs.com/nielsen/freebsd/jails/jailutils/security.html It's not a very big issue (unless I'm missing something), simply one of leaking the host environment into the jail. This
2012 Dec 12
1
How to create Jail in FreeBSD
Operating system virtualization is the most effective way to utilize your system resources, jails let you setup isolated mini-systems. Jails are explains well in handbook however, from practical standpoint of view, the presented material is incomplete. The post below setup few scrips that follow handbook's 'Application of Jails' article and enhance with few missing features
2007 Jul 02
1
Jails and loopback interfaces
I've got a server running FreeBSD 6.2 and PF. The server has a couple dozen jails on it. Previously, I had a few "private" services such as MySQL running on loopback IPs (127.0.0.2+) and the rest of the jails running on the public IPs. I have to renumber my machine with a new block of public IPs so I thought I'd be clever and move all the jails onto loopback IPs. Then