[Bug 272092] The 'see_jail_proc' security policy still allows signaling and debugging sub-jails' processes

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 17 Oct 2023 19:44:07 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272092

--- Comment #2 from commit-hook@FreeBSD.org ---
A commit in branch stable/14 references this bug:

URL:
https://cgit.FreeBSD.org/src/commit/?id=e1153205a719c6cb792cb2213a3737ee6b53d59c

commit e1153205a719c6cb792cb2213a3737ee6b53d59c
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:38 +0000
Commit:     Mitchell Horne <mhorne@FreeBSD.org>
CommitDate: 2023-10-17 19:42:58 +0000

    Fix 'security.bsd.see_jail_proc' by using cr_bsd_visible()

    As implemented, this security policy would only prevent seeing processes
    in sub-jails, but would not prevent sending signals to, changing
    priority of or debugging processes in these, enabling attacks where
    unprivileged users could tamper with random processes in sub-jails in
    particular circumstances (conflated UIDs) despite the policy being
    enforced.

    PR:                     272092
    Reviewed by:            mhorne
    MFC after:              2 weeks
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40628

    (cherry picked from commit 5817169bc4a06a35aa5ef7f5ed18f6cb35037e18)

 sys/kern/kern_prot.c  | 25 +++++++------------------
 sys/netinet/in_prot.c |  4 +---
 2 files changed, 8 insertions(+), 21 deletions(-)

-- 
You are receiving this mail because:
You are the assignee for the bug.