Date: Sun, 05 Feb 2006 15:09:12 +0100 From: =?ISO-8859-15?Q?Bj=F6rn_K=F6nig?= <bkoenig@cs.tu-berlin.de> To: current@freebsd.org Subject: unprivileged users are able to kill certain jailed processes Message-ID: <43E60708.9000902@cs.tu-berlin.de>
next in thread | raw e-mail | index | archive | help
Hello, unprivileged users of the host environment can see jailed processes with the same user ID. Furthermore they are able to send signals to these processes. I think since users are not allowed to imprison processes there is no reason why they should see them or even kill them. Someone pointed me to this issue and I want to know what you think about this. These are some steps to reproduce: root@host # jail -Uuserxy / localhost 127.0.0.1 /bin/sleep 12345& root@host # ps a | grep sleep 2255 p2 IJ 0:00,01 /bin/sleep 12345 login as 'userxy' userxy@host $ ps a | grep sleep 2255 p2 IJ 0:00,01 /bin/sleep 12345 userxy@host $ ps a | grep sleep [nothing] This is a suggestion to eliminate this behaviour. I appreciate further testing because I hadn't much time to do it. === patch starts here === --- src/sys/kern/kern_jail.c.orig Wed Sep 28 02:30:56 2005 +++ src/sys/kern/kern_jail.c Sun Feb 5 14:42:00 2006 @@ -405,6 +405,9 @@ return (ESRCH); if (cred2->cr_prison != cred1->cr_prison) return (ESRCH); + } else { + if (jailed(cred2) && suser_cred(cred1, 0)) + return (ESRCH); } return (0); === patch ends here === Regards Björn
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43E60708.9000902>