[nycbug-talk] Quick question about jail

Hans Zaunere hans
Mon May 3 09:30:16 EDT 2004


 

> -----Original Message-----
> From: talk-bounces at lists.nycbug.org 
> [mailto:talk-bounces at lists.nycbug.org] On Behalf Of Jan Schaumann
> Sent: Monday, May 03, 2004 9:31 AM
> To: talk at lists.nycbug.org
> Subject: Re: [nycbug-talk] Quick question about jail
> 
> Jeronimo Romero <jromero at romero3000.com> wrote:
> > 
> > 
> > Running Freebsd 4.9 with jail enabled. Ping doesn't seem to 
> work. I get:
> > 
> > ping: socket: Operation not permitted
> > 
> > Anybody know why this happens??

Processes within a jail can't open raw sockets.  Thus, traceroute and
ping won't work.

> The ping in the jail is not setuid?

Won't make any difference; this is enforced by the kernel as a special
case when the process is marked as jailed.  The UID doesn't have an
effect here.

H




More information about the talk mailing list