[Bug 193129] New: [jail] exec.start with exec.system_user doesn't set gid

Fri Aug 29 18:25:16 UTC 2014

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=193129

            Bug ID: 193129
           Summary: [jail] exec.start with exec.system_user doesn't set
                    gid
           Product: Base System
           Version: 11.0-CURRENT
          Hardware: Any
                OS: Any
            Status: Needs Triage
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: freebsd at ruka.org

When starting a jail with /usr/sbin/jail -c, the start command is run with uid,
effective uid and effective gid set properly, but real gid isn't set, so it's
still zero from running jail as root.

In addition to any issues from retaining gid 0, this also has the effect that
the process is considered setugid and tainted, so coredumps, signals, etc are
restricted.

/usr/sbin/jexec does properly set the gid.

-- 
You are receiving this mail because:
You are the assignee for the bug.