Escaping Containment: A Security Analysis of FreeBSD Jails
ilja, Michael Smith
39th Chaos Communication Congress (39C3): Power Cycles · Day 1 · Saal Fuse
This talk, "Escaping Containment: A Security Analysis of FreeBSD Jails," delves deep into the security boundaries of FreeBSD jails, a long-standing and widely used containerization technology. Presented by Ilya, a seasoned security researcher at IOActive, and Michael Smith, an independent programmer and system administrator, the session explores the attack surface of jails, investigates potential jailbreaks, and culminates in a comprehensive demonstration of how a compromised jail can lead to full host compromise. The speakers also offer critical observations, conclusions, and a call to action for future hardening efforts.