[Bug 272092] The 'see_jail_proc' security policy still allows signaling and debugging sub-jails' processes
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 18 Oct 2023 18:05:03 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272092
--- Comment #3 from commit-hook@FreeBSD.org ---
A commit in branch releng/14.0 references this bug:
URL:
https://cgit.FreeBSD.org/src/commit/?id=7e21c691f295b3babc8c57c0aeafa19faf1371b6
commit 7e21c691f295b3babc8c57c0aeafa19faf1371b6
Author: Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:38 +0000
Commit: Mitchell Horne <mhorne@FreeBSD.org>
CommitDate: 2023-10-18 17:59:51 +0000
Fix 'security.bsd.see_jail_proc' by using cr_bsd_visible()
As implemented, this security policy would only prevent seeing processes
in sub-jails, but would not prevent sending signals to, changing
priority of or debugging processes in these, enabling attacks where
unprivileged users could tamper with random processes in sub-jails in
particular circumstances (conflated UIDs) despite the policy being
enforced.
Approved by: re (gjb)
PR: 272092
Reviewed by: mhorne
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40628
(cherry picked from commit 5817169bc4a06a35aa5ef7f5ed18f6cb35037e18)
(cherry picked from commit abfcae344feb89c635616769d12150f84c96c003)
sys/kern/kern_prot.c | 25 +++++++------------------
sys/netinet/in_prot.c | 4 +---
2 files changed, 8 insertions(+), 21 deletions(-)
--
You are receiving this mail because:
You are the assignee for the bug.