FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- Insufficient environment sanitization in jail(8)

Affected packages
8.0 < FreeBSD < 8.0_3

Details

VuXML ID f6eb2279-ca3f-11df-aade-0050568f000c
Discovery 2010-05-27
Entry 2010-10-24

Problem Description:

The jail(8) utility does not change the current working directory while imprisoning. The current working directory can be accessed by its descendants.

References

FreeBSD Advisory SA-10:04.jail