[Bug 200361] net.inet.tcp.hostcache.list is jail information leak
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu May 21 23:16:22 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200361
Bjoern A. Zeeb <bz at FreeBSD.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|Open |In Progress
--- Comment #1 from Bjoern A. Zeeb <bz at FreeBSD.org> ---
Not even compile tested but if someone could make sure it does the right thing,
that would be great:
(1) base system should always continue to work as-is.
(2) a classic jail should get an "operation not permitted" back on attempting
to read.
(3) for VIMAGE kernels, base system see (1), classic jail see (2), and a vnet
jail should not change either.
Index: tcp_hostcache.c
===================================================================
--- tcp_hostcache.c (revision 283272)
+++ tcp_hostcache.c (working copy)
@@ -69,6 +69,7 @@ __FBSDID("$FreeBSD$");
#include <sys/param.h>
#include <sys/systm.h>
+#include <sys/jail.h>
#include <sys/kernel.h>
#include <sys/lock.h>
#include <sys/mutex.h>
@@ -608,6 +609,9 @@ sysctl_tcp_hc_list(SYSCTL_HANDLER_ARGS)
char ip6buf[INET6_ADDRSTRLEN];
#endif
+ if (jailed_without_vnet(curthread->td_cred) != 0)
+ return (EPERM);
+
sbuf_new(&sb, NULL, linesize * (V_tcp_hostcache.cache_count + 1),
SBUF_INCLUDENUL);
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list