kern/96438: Executeing a linux binary within jail causes reboot.
pb at ludd.luth.se
Thu Apr 27 23:50:21 UTC 2006
>Synopsis: Executeing a linux binary within jail causes reboot.
>Arrival-Date: Thu Apr 27 23:50:19 GMT 2006
>Release: 6.0-RELEASE #0
FreeBSD f6.my.domain 6.0-RELEASE FreeBSD 6.0-RELEASE #0: Thu Nov 3 09:36:13 UTC 2005 root at x64.samsco.home:/usr/obj/usr/src/sys/GENERIC i386
Launching a linux binary like tcsh as the initial command from jail(8) seem to
cause system reboot.
Second occurence is that in some circumstances _within_ jail(8) executeing linux binary cause the system to reboot in the same way.
Because the machine in question is a remote. I have not watched console while this happends.
I suspect this bug could be exploited to take over the system or DoS it.
bin/tcsh: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.2.0, dynamically linked (uses shared libs), stripped
FreeBSD 6.0-RELEASE #0: Thu Nov 3 09:36:13 UTC 2005
root at x64.samsco.home:/usr/obj/usr/src/sys/GENERIC
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Pentium Pro (199.74-MHz 686-class CPU)
Origin = "GenuineIntel" Id = 0x617 Stepping = 7
real memory = 83881984 (79 MB)
avail memory = 72499200 (69 MB)
npx0: <math processor> on motherboard
npx0: INT 16 interface
cpu0 on motherboard
Will add to PR when I know more. Hopefully this issue will be remedied in 6.1
Setup jail(8), use a linux binary as "init".
The second occourence is proberbly when I put linux system files. And then chroot to it within jail.
Be careful about linux binaries within jail(8).
Don't trust jail(8) security too much.
More information about the freebsd-bugs