Date: Sun, 09 Dec 2001 13:27:10 -0500 From: "Brian F. Feldman" <green@FreeBSD.ORG> To: Robert Watson <rwatson@FreeBSD.ORG> Cc: "Crist J . Clark" <cjc@FreeBSD.ORG>, alexus <ml@db.nexgen.com>, freebsd-security@FreeBSD.ORG Subject: Re: identd inside of jail Message-ID: <200112091827.fB9IRAl13742@green.bikeshed.org> In-Reply-To: Message from Robert Watson <rwatson@FreeBSD.ORG> of "Fri, 07 Dec 2001 11:52:57 EST." <Pine.NEB.3.96L.1011207115009.42818D-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Robert Watson <rwatson@FreeBSD.ORG> wrote: > > This problem is fixed in 5.0-CURRENT as it performs two checks in udp and > tcp getcred: first, it checks for privilege (and permits the jail to > succeed), and second, it checks whether the connection in question is > visible to the current jail. I do not currently plan to merge these > changes to -STABLE, as they rely on changes merging the pcred and ucred > structures, which in turn depend on a lot of other changes throughout the > kernel in 5.0-CURRENT. As a follow-up note, the credential management > code in 5.0-CURRENT is substantially rewritten, and the result is much > better enforcement of process and resource visibility, both from the > perspective of jail, and from limiting users from seeing resources created > by other users (such as TCP connections) when dictated by policy. For 4.X, how about a sysctl kern.security.bsd.jail_getcred_enabled or a jail.getcred_allowed? That would make at least some people happy, I think. -- Brian Fundakowski Feldman \ FreeBSD: The Power to Serve! / green@FreeBSD.org `------------------------------' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200112091827.fB9IRAl13742>