From nobody Fri Aug 16 17:13:41 2024 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WlpVb4BkBz5TFkx for ; Fri, 16 Aug 2024 17:13:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WlpVZ6yjwz4r1f for ; Fri, 16 Aug 2024 17:13:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723828423; a=rsa-sha256; cv=none; b=RoSDBcBj7poObDmtv+sc6D6HOtZPbdAAT2549PvaCA/py2PaGWYdn5DcqkBb1NHxWW/q8q EVt4gKetEkbEIvLrgWiYLayYqk3WCu6GhKF++0HFGBL7YpyIWKjKRIlWzI2QJ3rJv7ZoGd GZDMZCaU4nAj6RqvyATwci49qkFhhFLS2WYxAnubQheCBF/ST0an6lAAHOdzWVDEZ0gwH+ uS7iJYAOnnKOGTzvNgtNUFyy+JQnli7KOWlkvdREVlBC1vK+h2qiTsACBegj5lnybHiJm5 eCoEerCgPX654HVSYLe/M+tlmBWZ43GzXE+zQxNHnexgJVBxdSDpA4cIhYbzUg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1723828423; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=r6KqramfgXAXS8i8SF5MxTHG7EdtO5rYKyiD6/XDFPI=; b=fofuk4+aUY3PWYCky021Dt5WzA8QPoszTr80/R6l/GmUYgjEbYQSJm8nDMQU2YjZxzaWa3 KOMLdsAnQW3rmFvD7vwLdIZLsP5Zf/TUhkzz2BHGDq/1kuPZNMfuqUtjk7Riy27k43VV5h tcAWE9anspyoFIqtI+PDYR0NsQttP0U1xEYTFvyG+teWDaQfSP2kuCXArycyAVuGDvZTbN YNa+bH/bHg/fQclcWTJpi5SGzgMiu8TSHxfhLikxxhcuKdSiSwX38VZ4txi5ttt4pI07+q VssTMBQaTvoPceCLuQq/9IMww2h/HaqbdjT0QSOjHWfuMZDAZFsnLgPM8sEXhQ== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WlpVZ6YykzDq2 for ; Fri, 16 Aug 2024 17:13:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47GHDgqe054722 for ; Fri, 16 Aug 2024 17:13:42 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47GHDgg2054721 for jail@FreeBSD.org; Fri, 16 Aug 2024 17:13:42 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 277210] jail(8): exec.clean retrieves PWD from user info (can cause services to crash on jail start-up) Date: Fri, 16 Aug 2024 17:13:41 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: Unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277210 --- Comment #22 from commit-hook@FreeBSD.org --- A commit in branch stable/14 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D1ff3118d72b15fb4c02ee156a5073e3e4= 0528587 commit 1ff3118d72b15fb4c02ee156a5073e3e40528587 Author: Jamie Gritton AuthorDate: 2024-08-12 22:23:28 +0000 Commit: Jamie Gritton CommitDate: 2024-08-16 17:12:24 +0000 MFC jail: only chdir to user's home directory when user is specified jail(8) with the "exec.clean" parameter not only cleans the enviromnent variables before running commands, but also changes to the user's home directory. While this makes sense when auser is specified (via one of the exec.*_user parameters), it leads to all commands being run in the jail's /root directory even in the absence of an explicitly specified user. This can lead to problems when e.g. rc scripts are run from that non-world-readable directory, and run counter to expectations that jail startup is analogous to system startup. Restrict this behvaiour to only users exlicitly specified, either via the command line or jail parameters, but not the implicit root user. While this changes long-stand practice, it's the more intuitive action. jexec(8) has the same problem, and the same fix. PR: 277210 Reported by: johannes.kunde at gmail Differential Revision: https://reviews.freebsd.org/D46226 (cherry picked from commit 5cf705491727dd963485f9911ee3d52c3bf148db) usr.sbin/jail/command.c | 2 +- usr.sbin/jail/jail.8 | 7 ++++++- usr.sbin/jexec/jexec.8 | 7 ++++++- usr.sbin/jexec/jexec.c | 2 +- 4 files changed, 14 insertions(+), 4 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.=