Securing FreeBSD
Using Jail
Evan Sarmiento
Editor's note: This article discusses a project that gives root access
to anyone who wants it. The OpenRoot project operates in a virtual machine and
uses FreeBSD's Jail feature. This author's implementation of OpenRoot is intended
for training and experimentation purposes only. The practice of giving out root
to all comers (with or without a Jail) is too risky for most environments; however,
this article provides useful information.
I started a project called Openroot, where I give root access to anyone
on a box on my network. In this environment, users, mostly students like me,
can learn, experiment, install software like Apache and Sendmail, or tinker
around with configuration files to see how they work. However, this project
was mostly intended to help me learn, in-depth, about UNIX security procedures.
I've taken many precautions, which can help you secure a UNIX system like this
one, and many of them also apply to general-purpose UNIX systems. The primary one
is a feature present in FreeBSD since version 4.0 called Jail.
Essentially, a Jail confines a process and all of its descendants: they are
chrooted into a single directory, bound to a single IP address, and denied most
privileged operations even when running as root. Processes inside the Jail cannot
signal or otherwise affect processes outside it. Thus, by installing a complete copy
of the base system files inside the Jail's directory, it acts like an independent
computer (see Figure 1).
A Jailed environment, of course, has some restrictions. Users inside a Jail
cannot kill processes outside it or harm the actual computer: they cannot mount
filesystems, create device nodes, load kernel modules, change kernel sysctls, or
delete partitions using fdisk. Most importantly, the kernel refuses the privileged
system calls that would otherwise let a jailed root break out of the Jail, so root
inside the Jail is not root on the host.
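The following script is an added example, not code from the article or the Openroot project. It follows the build-and-start procedure described in the FreeBSD 4.x jail(8) manual page: populate a directory with a full copy of the base system, alias the Jail's address onto a host interface, then start the Jail's own /etc/rc inside it. The jail root (/usr/jail/openroot), hostname, address (192.168.1.200) and interface name (fxp0) are constructed placeholders, and the security.jail.set_hostname_allowed sysctl is assumed to be present on the host. The input checks are plain POSIX sh and run anywhere; the build and start steps only make sense on a FreeBSD host with /usr/src.

```shell
#!/bin/sh
# Added example (not from the original article): build a FreeBSD 4.x jail
# tree and start it. Placeholders below are constructed, not real systems.
set -eu

JAIL_ROOT=${JAIL_ROOT:-/usr/jail/openroot}      # assumed location
JAIL_HOST=${JAIL_HOST:-openroot.example.org}    # assumed hostname
JAIL_IP=${JAIL_IP:-192.168.1.200}               # assumed address
JAIL_IF=${JAIL_IF:-fxp0}                        # assumed interface

# jail(8) chroots into this directory, so insist on an absolute path.
check_path() {
    case "$1" in
        /*) return 0 ;;
        *)  return 1 ;;
    esac
}

# A 4.x jail is bound to exactly one IPv4 address: accept only a
# dotted quad whose four octets are all in 0..255.
check_ipv4() {
    old_ifs=$IFS
    IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in
            ''|*[!0-9]*) return 1 ;;
        esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Recreate the base system under $JAIL_ROOT (procedure from jail(8)).
build_jail_tree() {
    check_path "$JAIL_ROOT" || { echo "jail root must be absolute" >&2; return 1; }
    mkdir -p "$JAIL_ROOT"
    # Full userland build installed into the jail directory.
    (cd /usr/src && make world DESTDIR="$JAIL_ROOT")
    # Install /etc skeleton; device nodes are made separately below.
    (cd /usr/src/etc && make distribution DESTDIR="$JAIL_ROOT" -DNO_MAKEDEV_RUN)
    # Only the small "jail" device set: no disks, no raw memory devices.
    (cd "$JAIL_ROOT/dev" && sh MAKEDEV jail)
    # Some utilities expect /kernel to exist; point it at nothing.
    ln -sf dev/null "$JAIL_ROOT/kernel"
}

# Bring the jail's address up on the host and launch the jail's own rc.
start_jail() {
    check_path "$JAIL_ROOT" || { echo "jail root must be absolute" >&2; return 1; }
    check_ipv4 "$JAIL_IP"   || { echo "bad jail address: $JAIL_IP" >&2; return 1; }
    # The jail can only bind its one address, which must exist on the host.
    ifconfig "$JAIL_IF" inet alias "$JAIL_IP" netmask 255.255.255.255
    # Assumed sysctl: stop jailed root from changing the jail's hostname.
    sysctl -w security.jail.set_hostname_allowed=0
    # jail path hostname ip command: /etc/rc inside the tree starts the
    # jail's daemons (syslogd, sshd, ...) as if it were its own machine.
    jail "$JAIL_ROOT" "$JAIL_HOST" "$JAIL_IP" /bin/sh /etc/rc
}

case "${1:-}" in
    build) build_jail_tree ;;
    start) start_jail ;;
    "")    ;;   # no arguments: only define the functions
    *)     echo "usage: $0 build|start" >&2; exit 64 ;;
esac
```

Run it as `sh jail.sh build` once to populate the tree, then `sh jail.sh start` at boot. Because `MAKEDEV jail` creates no disk or memory device nodes and jailed root cannot create its own, the fdisk and mount restrictions described above hold even though the directory contains a complete userland.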