Date: Sun, 05 Feb 2006 15:09:12 +0100
From: Björn König <bkoenig@cs.tu-berlin.de>
To: current@freebsd.org
Subject: unprivileged users are able to kill certain jailed processes
Message-ID: <43E60708.9000902@cs.tu-berlin.de>
Hello,
unprivileged users of the host environment can see jailed processes with
the same user ID. Furthermore they are able to send signals to these
processes. I think since users are not allowed to imprison processes
there is no reason why they should see them or even kill them.
Someone pointed me to this issue and I want to know what you think about
this.
These are some steps to reproduce:
root@host # jail -Uuserxy / localhost 127.0.0.1 /bin/sleep 12345&
root@host # ps a | grep sleep
2255 p2 IJ 0:00,01 /bin/sleep 12345
log in as 'userxy'
userxy@host $ ps a | grep sleep
2255 p2 IJ 0:00,01 /bin/sleep 12345
userxy@host $ ps a | grep sleep
[nothing]
This is a suggestion to eliminate this behaviour. I appreciate further
testing because I hadn't much time to do it.
=== patch starts here ===
--- src/sys/kern/kern_jail.c.orig Wed Sep 28 02:30:56 2005
+++ src/sys/kern/kern_jail.c Sun Feb 5 14:42:00 2006
@@ -405,6 +405,9 @@
return (ESRCH);
if (cred2->cr_prison != cred1->cr_prison)
return (ESRCH);
+ } else {
+ if (jailed(cred2) && suser_cred(cred1, 0))
+ return (ESRCH);
}
return (0);
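Review bot: the added condition `if (jailed(cred2) && suser_cred(cred1, 0))` uses the int return of suser_cred() as a truth value with no comment, so the reader has to know that a non-zero result means cred1 is not the superuser before it is clear that this branch hides jailed processes from unprivileged host users. Suggest spelling it as `suser_cred(cred1, 0) != 0`, adding a one-line comment stating the intent, and folding the block into `} else if (...)` rather than a braced else around a single if. Because the new branch returns ESRCH like the jailed-caller checks above it, the target becomes invisible to those users rather than only protected from signals; that matches the report, but the reproduction should be re-run for both ps and kill, and as root on the host, before this goes in.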
=== patch ends here ===
Regards
Björn
