FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- Insufficient environment sanitization in jail(8)

Affected packages
8.0	<=	FreeBSD	<	8.0_3

Details

VuXML ID	f6eb2279-ca3f-11df-aade-0050568f000c
Discovery	2010-05-27
Entry	2010-10-24
Modified	2016-08-09

Problem Description:

The jail(8) utility does not change the current working directory while imprisoning. The current working directory can be accessed by its descendants.

References

FreeBSD Advisory

SA-10:04.jail