[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] Jailkit and Gnu Screen, possible safely?

From: Olivier Sessink
Subject: Re: [Jailkit-users] Jailkit and Gnu Screen, possible safely?
Date: Wed, 06 Apr 2011 23:04:44 +0200
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20110223 Thunderbird/3.1.8

On 04/01/2011 02:26 PM, Ngo Chen wrote:

I would like to know if it is possible to use screen with jailkit
without security issues? I found this mailing list message:
which states that the only way to give screen a terminal to use is to do
a dangerous mount:

mount -t devpts devpts /home/jail/dev/pts/

doesn't jailkit really offer any safe way to get around this? I think a
shelljail should be able to provide all the necessary services without
having to go around the jail environment itself in this crude and
unsecure way.

that mount is not dangerous at all if you compare it to a system without a jail. That mount inside a jail may be a tiny little bit less secure than a jail without that mount. So this is not a security issue. This is only a security issue if you are totally paranoid about the process that will run inside the jail. In which case you probably shouldn't run that program at all.


Bluefish website http://bluefish.openoffice.nl/
Blog http://oli4444.wordpress.com/

reply via email to

[Prev in Thread] Current Thread [Next in Thread]