From nobody Mon Aug 12 22:36:43 2024 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WjTsB1RWNz5TKRy for ; Mon, 12 Aug 2024 22:36:46 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WjTs94xGTz4cnB for ; Mon, 12 Aug 2024 22:36:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723502205; a=rsa-sha256; cv=none; b=g23KivRwV5rZtP3/VRR3Y97LUHjbY1mgG1hvI8EM+Fh+UmrPTTJtHjl6eG3D5s+RsyfDwi ImwLUXRzPECddENCSICQYKDv7ahs3LI69HPDHFfzdsdzcz6qNtGRaOMrxcTlJ/RW7RHvaf eVFOhxb38i6Mn58uR8KcvENKZTiYNLU2JNnJA9mNYfAeKDGHIas2qjw9Iy2S3cU2J2Tywr 6bso8Jm3af7XKO97zGc/9oAEsGmj3N+yaFSgDI0Eoc5vzmdV1BTpJ6iIUAU2lVR9OFA7Kr +fpC8cNenWu3UEdB4BUgePT6grwZdLJm1Vx7GoHwdB5yOpH60QhkPuJs/dku9g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1723502205; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=zPNo3d07+TAPNejf5yvrrm6M8fvRc7GcOXnxuTVGMWI=; b=hYY9eG6L1moOEOw6g2oin5w+4aVT8uhm5jCOzsJ0Sy8cnrmCkctigVWijFrTF+mmN3+oHl /bPsJaqvuxypcbc9beusTVtV2JFIAgd2ozVksgHP3CfBRFQZPq/bFV8zyv1/ydHRz4exCL p4kMykKRWd/d9/iHrBRCVLOqmnz5qLEVwYpBq/GG12JPHQsrws1YXUinudMV0/jBiyIRk8 STpAZsGxV2Rg0DGRxGn8v7Uyjxhgr6wmUZKSrRK6BtMQAccPcgXGV/wY1Hh22utI/wEa1f FbfwPVnCpgSX7OZyINs+6yO99pNFE8ayZAJnSwHV9GpkvmDU0sjxc0UxcJ2GjA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WjTs92mQHzl8H for ; Mon, 12 Aug 2024 22:36:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47CMajXi009002 for ; Mon, 12 Aug 2024 22:36:45 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47CMajXU009000 for jail@FreeBSD.org; Mon, 12 Aug 2024 22:36:45 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 277210] jail(8): exec.clean retrieves PWD from user info (can cause services to crash on jail start-up) Date: Mon, 12 Aug 2024 22:36:43 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: Unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277210 --- Comment #16 from commit-hook@FreeBSD.org --- A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D5cf705491727dd963485f9911ee3d52c3= bf148db commit 5cf705491727dd963485f9911ee3d52c3bf148db Author: Jamie Gritton AuthorDate: 2024-08-12 22:23:28 +0000 Commit: Jamie Gritton CommitDate: 2024-08-12 22:23:28 +0000 jail: only chdir to user's home directory when user is specified jail(8) with the "exec.clean" parameter not only cleans the enviromnent variables before running commands, but also changes to the user's home directory. While this makes sense when auser is specified (via one of the exec.*_user parameters), it leads to all commands being run in the jail's /root directory even in the absence of an explicitly specified user. This can lead to problems when e.g. rc scripts are run from that non-world-readable directory, and run counter to expectations that jail startup is analogous to system startup. Restrict this behvaiour to only users exlicitly specified, either via the command line or jail parameters, but not the implicit root user. While this changes long-stand practice, it's the more intuitive action. jexec(8) has the same problem, and the same fix. PR: 277210 Reported by: johannes.kunde at gmail Differential Revision: https://reviews.freebsd.org/D46226 usr.sbin/jail/command.c | 2 +- usr.sbin/jail/jail.8 | 7 ++++++- usr.sbin/jexec/jexec.8 | 7 ++++++- usr.sbin/jexec/jexec.c | 2 +- 4 files changed, 14 insertions(+), 4 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.=