What are the security implications of using allow.sysvipc in a FreeBSD jail

security freebsd jail

So, it turns out that the extreme interpretation is correct. Allowing sysvipc "... defeat[s] the whole purpose of having a jail; privileged users from the jail would be able to affect processes outside the jailed environment."

UPDATE Aug 3, 2010: After some serendipitous research, I've been able to flesh out some details. The problem stems from the fact that process permissions are based on UIDs (note that this means the number, not the string identifier). So, even though the user spaces for the host and jail are mutually separate, this division isn't iron-clad and given that root has a UID of 0, we get the quote above. Some options to minimize the risk:

  1. Ensure all users across the entire system (host and jails) have different UIDs
  2. Disable root login for the jails (won't help with processes run as root so sudo tricks but some is better than none.)

Related

KVM guest doesn't recognize new size of raw disk after lvresize
Installing ODBC driver 13 for MSSQL Server in Amazon Linux on EC2 instance
Postfix Limit mail for domain from IP range
SELinux is preventing Perl CGI script from accessing Oracle libraries
Dovecot: Email clients and duplicated folders
Apache mpm worker + wsgi Python/Django workers stuck
Directly Formatting a Device on a Linux System
Replace MyISAM files without stopping Mysql
Can you tell by the network traffic whether a video was watched or downloaded from YouTube?
Shell script to fix bad filenames?
Scriptable DVD authoring solution for Linux? [closed]
What happens to the content of RAM when a computer turns off?