Add a warning about filesystem-based attacks.

Approved by: mentor (gjb)
svn path=/head/; revision=39566
2012-09-16 15:44:51 +00:00 · 2012-09-16 15:44:51 +00:00 · d86be5e0d9 · 2020-12-08 03:00:23 +00:00
commit d86be5e0d9
parent e4e5101a06
1 changed files with 16 additions and 0 deletions
--- a/en_US.ISO8859-1/books/handbook/jails/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/jails/chapter.sgml
@ -28,6 +28,22 @@
      are a very powerful tool for system administrators, but their basic
      usage can also be useful for advanced users.</para>

+    <important>
+      <para>Jails are a powerful tool, but they are not a security
+	panacea.  It is particularly important to note that while it
+	is not possible for a jailed process to break out on its own,
+	there are several ways in which an unprivileged user outside
+	the jail can cooperate with a privileged user inside the jail
+	and thereby obtain elevated privileges in the host
+	environment.</para>
+
+      <para>Most of these attacks can be mitigated by ensuring that
+	the jail root is not accessible to unprivileged users in the
+	host environment.  Regardless, as a general rule, untrusted
+	users with privileged access to a jail should not be given
+	access to the host environment.</para>
+    </important>
+
    <para>After reading this chapter, you will know:</para>

    <itemizedlist>