Hi all,
I'm trying to understand the implications of "unhiding" device nodes for jails through devfs.rules. In particular, I'm hoping to know if there are any security risks incurred by unhiding certain device nodes. For example, if I create a devfs ruleset with the following rule for a vnet jail:
will packets going though the host system become visible to the jail?
As another example, if I do
If unhiding device nodes creates no risk, why would one need the ability to hide device nodes at all? On the other hand, if unhiding device nodes does reduce security, what would be the best practice to create a jail that has fully-functional (pf, tcpdump, dhclient, etc.) yet fully isolated networking?
Thanks!
I'm trying to understand the implications of "unhiding" device nodes for jails through devfs.rules. In particular, I'm hoping to know if there are any security risks incurred by unhiding certain device nodes. For example, if I create a devfs ruleset with the following rule for a vnet jail:
add path 'bpf*' unhide
will packets going though the host system become visible to the jail?
As another example, if I do
add path 'da*' unhide
, does /dev/da0 become accessible (for read and write) to the jail?If unhiding device nodes creates no risk, why would one need the ability to hide device nodes at all? On the other hand, if unhiding device nodes does reduce security, what would be the best practice to create a jail that has fully-functional (pf, tcpdump, dhclient, etc.) yet fully isolated networking?
Thanks!