Date:      Sun, 23 Jun 2013 15:50:37 +0100
From:      Thomas Sparrevohn <Thomas.Sparrevohn@btinternet.com>
To:        FreeBSD-Security@freebsd.org, phk@freebsd.org
Subject:   POSIX mqueuefs not jail aware
Message-ID:  <19904027.kRPR4YHN3x@thomas-freebsd.aah-go-on.com>


Hi 

I have been working on some different projects that eventually will need a 
shared queue structure and have been playing with mq_open et al. 

For various reasons I was looking into being able to communicate between
the host and a jail using a global queue. Now, that works fine using mqueuefs -
the downside is that any root or matching uid can delete the queue on the
host system.

Transcript - First the host

	root@Thomas-FreeBSD:/home/sparrevo # ~sparrevo/mqueue
	Testing creation of Queue /Talk
	Making sure it does not exist deleted
	/Talk Created
	message posted


Now the jail - please note this jail runs securelevel 2 - not that I would 
think it would matter here

	root@Thomas-FreeBSD:/home/sparrevo # jail -c amd64-schg
	amd64-schg: created
	root@Thomas-FreeBSD:/home/sparrevo # ssh sparrevo@192.168.0.203
	Password for sparrevo@amd64-schg.aah-go-on.com:
	Warning: untrusted X11 forwarding setup failed: xauth key data not generated
	Warning: No xauth data; using fake authentication data for X11 forwarding.
	X11 forwarding request failed on channel 0
	Last login: Sat Jun 15 16:48:07 2013 from 192.168.0.203
	FreeBSD 10.0-CURRENT (PRODUCTION) #1 r252040: Sat Jun 22 01:20:14 BST 2013

	Welcome to FreeBSD!

	sparrevo@amd64-schg:~ % ./mqueue
	Testing creation of Queue /Talk
	Making sure it does not exist - it exist and we cannot delete it due permissions
	Queue /Talk cannot be created
	hu:: File exists
	sparrevo@amd64-schg:~ % su
	Password:
	root@amd64-schg:/home/sparrevo # ./mqueue
	Testing creation of Queue /Talk
	Making sure it does not exist deleted
	/Talk Created
	message posted
	root@amd64-schg:/home/sparrevo #

Looking at the code, it seems like we are missing a couple of allow.xxx
features. I have not yet had time to check the shm code to see how it prevents
it.
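
A small C program that performs the same probe as the transcript above, added here as an illustration; it is not the author's "mqueue" test program (whose source is not in the message) and not FreeBSD project code. The queue name /Talk is taken from the transcript; the 0600 mode, the sample message, and the probe_queue/classify/probe_message names are assumptions made for the example. Run it on the host, then as an unprivileged user and as root inside the jail, to reproduce the three outcomes shown.

```c
/* Added example: host/jail POSIX mqueue probe (unlink, create exclusively,
 * post one message). Not the original poster's program. Build with
 * "cc -o mqprobe mqprobe.c -lrt"; on FreeBSD the mqueuefs module must be
 * loaded (kldload mqueuefs) for mq_open to succeed. */
#include <errno.h>
#include <fcntl.h>
#include <mqueue.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

/* Outcome of one probe run, mirroring the messages in the transcript. */
enum probe_result {
    PROBE_CREATED,           /* queue absent or unlinked, created and a message posted */
    PROBE_EXISTS_NO_UNLINK,  /* queue exists, unlink refused (EACCES/EPERM), create got EEXIST */
    PROBE_CREATE_FAILED,     /* mq_open(O_CREAT|O_EXCL) failed for some other reason */
    PROBE_SEND_FAILED        /* created, but mq_send failed */
};

/* Pure classification of the unlink/open results. Kept separate from the
 * syscalls so the decision logic can be checked without a kernel. */
enum probe_result classify(int unlink_failed, int unlink_errno,
                           int open_failed, int open_errno)
{
    if (!open_failed)
        return PROBE_CREATED;
    if (open_errno == EEXIST && unlink_failed &&
        (unlink_errno == EACCES || unlink_errno == EPERM))
        return PROBE_EXISTS_NO_UNLINK;
    return PROBE_CREATE_FAILED;
}

const char *probe_message(enum probe_result r)
{
    switch (r) {
    case PROBE_CREATED:          return "created and message posted";
    case PROBE_EXISTS_NO_UNLINK: return "exists and cannot be deleted (permissions)";
    case PROBE_CREATE_FAILED:    return "cannot be created";
    case PROBE_SEND_FAILED:      return "created but message could not be posted";
    }
    return "unknown";
}

/* Unlink any existing queue of that name, create it exclusively with the given
 * mode, post one message and leave the queue in place for the other side.
 * Only discretionary (uid/mode) checks stand between a caller and mq_unlink,
 * which is why jail root succeeds where the jail's unprivileged user gets
 * EACCES. *err receives the errno of the failing call, or 0. */
enum probe_result probe_queue(const char *name, mode_t mode, int *err)
{
    struct mq_attr attr = { .mq_maxmsg = 8, .mq_msgsize = 64 };
    int unlink_failed = 0, unlink_errno = 0;

    if (mq_unlink(name) == -1 && errno != ENOENT) {
        unlink_failed = 1;
        unlink_errno = errno;
    }

    mqd_t q = mq_open(name, O_CREAT | O_EXCL | O_WRONLY, mode, &attr);
    if (q == (mqd_t)-1) {
        *err = errno;
        return classify(unlink_failed, unlink_errno, 1, errno);
    }

    const char msg[] = "hello from the other side";   /* constructed sample message */
    if (mq_send(q, msg, sizeof msg, 0) == -1) {
        *err = errno;
        mq_close(q);
        return PROBE_SEND_FAILED;
    }
    mq_close(q);
    *err = 0;
    return PROBE_CREATED;
}

int main(void)
{
    int err;
    enum probe_result r = probe_queue("/Talk", 0600, &err);
    printf("/Talk: %s%s%s\n", probe_message(r),
           err ? ": " : "", err ? strerror(err) : "");
    return r == PROBE_CREATED ? 0 : 1;
}
```

Running the binary as host root creates /Talk; running it as a different uid inside the jail reports that the queue exists and cannot be deleted, and running it as jail root unlinks and recreates the host's queue, which is the behaviour the message reports.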

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19904027.kRPR4YHN3x>