DragonFlyBSD Kernel Audit
DF-0165 / run.2.log
← back to finding ↓ download raw
jail() ok: jid=12  (now jailed as uid=0)
=== DF-0165 demo: cap-gated actions inside jail ===
    (jail default policy: allow_raw_sockets=0,
     vfs_mount_{nullfs,tmpfs,devfs,procfs}=0 -> all should EPERM)
  socket(AF_INET, SOCK_RAW, IPPROTO_RAW)  [SYSCAP_NONET_RAW]
      -> OK fd=3   *** BYPASS ***
  mount("tmpfs", /tmp/df0165-mnt-tmpfs)  [SYSCAP_NOMOUNT_TMPFS]
      -> OK   *** BYPASS ***
  mount("null", /tmp/df0165-mnt-nullfs)  [SYSCAP_NOMOUNT_NULLFS]
      -> OK   *** BYPASS ***
  mount("devfs", /tmp/df0165-mnt-devfs)  [SYSCAP_NOMOUNT_DEVFS]
      -> OK   *** BYPASS ***
  mount("procfs", /tmp/df0165-mnt-procfs)  [SYSCAP_NOMOUNT_PROCFS]
      -> OK   *** BYPASS ***
=== end: 5 cap-gated action(s) bypassed jail policy ===