From nobody Mon Aug 12 22:36:43 2024 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WjTsB1RWNz5TKRy for ; Mon, 12 Aug 2024 22:36:46 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WjTs94xGTz4cnB for ; Mon, 12 Aug 2024 22:36:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723502205; a=rsa-sha256; cv=none; b=g23KivRwV5rZtP3/VRR3Y97LUHjbY1mgG1hvI8EM+Fh+UmrPTTJtHjl6eG3D5s+RsyfDwi ImwLUXRzPECddENCSICQYKDv7ahs3LI69HPDHFfzdsdzcz6qNtGRaOMrxcTlJ/RW7RHvaf eVFOhxb38i6Mn58uR8KcvENKZTiYNLU2JNnJA9mNYfAeKDGHIas2qjw9Iy2S3cU2J2Tywr 6bso8Jm3af7XKO97zGc/9oAEsGmj3N+yaFSgDI0Eoc5vzmdV1BTpJ6iIUAU2lVR9OFA7Kr +fpC8cNenWu3UEdB4BUgePT6grwZdLJm1Vx7GoHwdB5yOpH60QhkPuJs/dku9g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1723502205; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=zPNo3d07+TAPNejf5yvrrm6M8fvRc7GcOXnxuTVGMWI=; b=hYY9eG6L1moOEOw6g2oin5w+4aVT8uhm5jCOzsJ0Sy8cnrmCkctigVWijFrTF+mmN3+oHl /bPsJaqvuxypcbc9beusTVtV2JFIAgd2ozVksgHP3CfBRFQZPq/bFV8zyv1/ydHRz4exCL p4kMykKRWd/d9/iHrBRCVLOqmnz5qLEVwYpBq/GG12JPHQsrws1YXUinudMV0/jBiyIRk8 STpAZsGxV2Rg0DGRxGn8v7Uyjxhgr6wmUZKSrRK6BtMQAccPcgXGV/wY1Hh22utI/wEa1f FbfwPVnCpgSX7OZyINs+6yO99pNFE8ayZAJnSwHV9GpkvmDU0sjxc0UxcJ2GjA== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WjTs92mQHzl8H for ; Mon, 12 Aug 2024 22:36:45 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47CMajXi009002 for ; Mon, 12 Aug 2024 22:36:45 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47CMajXU009000 for jail@FreeBSD.org; Mon, 12 Aug 2024 22:36:45 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 277210] jail(8): exec.clean retrieves PWD from user info (can cause services to crash on jail start-up) Date: Mon, 12 Aug 2024 22:36:43 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: Unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277210 --- Comment #16 from commit-hook@FreeBSD.org --- A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D5cf705491727dd963485f9911ee3d52c3= bf148db commit 5cf705491727dd963485f9911ee3d52c3bf148db Author: Jamie Gritton AuthorDate: 2024-08-12 22:23:28 +0000 Commit: Jamie Gritton CommitDate: 2024-08-12 22:23:28 +0000 jail: only chdir to user's home directory when user is specified jail(8) with the "exec.clean" parameter not only cleans the enviromnent variables before running commands, but also changes to the user's home directory. While this makes sense when auser is specified (via one of the exec.*_user parameters), it leads to all commands being run in the jail's /root directory even in the absence of an explicitly specified user. This can lead to problems when e.g. rc scripts are run from that non-world-readable directory, and run counter to expectations that jail startup is analogous to system startup. Restrict this behvaiour to only users exlicitly specified, either via the command line or jail parameters, but not the implicit root user. While this changes long-stand practice, it's the more intuitive action. jexec(8) has the same problem, and the same fix. PR: 277210 Reported by: johannes.kunde at gmail Differential Revision: https://reviews.freebsd.org/D46226 usr.sbin/jail/command.c | 2 +- usr.sbin/jail/jail.8 | 7 ++++++- usr.sbin/jexec/jexec.8 | 7 ++++++- usr.sbin/jexec/jexec.c | 2 +- 4 files changed, 14 insertions(+), 4 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Wed Aug 14 16:19:53 2024 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WkYPP6sJrz5SPv2 for ; Wed, 14 Aug 2024 16:19:53 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WkYPP5DTwz53k9 for ; Wed, 14 Aug 2024 16:19:53 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723652393; a=rsa-sha256; cv=none; b=Q6DWl3gjy/9bvnHSSt0oUdl7UVfP6q/oFJvLIrl2kXnIHiQlMIANuF/ghNcA9AmyElEJ5E BnhCTtuHg0ALUA++KDsizCd+6EgYoNmxxJufJH01vFFpW5bkESKxhnZmY9iP58qutgjS57 cas2uqrUVVpSxFWbRoM2r3MidFyD1iZKbjPAPzE5Y7thM7Im915sv2TrhIHw5a2iEvmAsB 3Ctaj8pSlYcHoxoDlhUp2Ghr8oLGkiNTQRtWv3W9XEdpbash2+PvPLJvkj9WXXk5iNWnKw dFW0DtHbRNpiH1+FNhj+iFiy7Z5fUnGtnlpQD3X4+0lJUOpyPs+i0poamply/g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1723652393; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=/b+Sf0gELlOGHmUtpoe9ZvMH/8u27sja9tddMlaz7Lk=; b=NGyXm++8MW5wWktEw3GCpkx8l/qhTDMgM5hc8cfASSGULc+3hh/z3FtJ2J4t5Rwyd37Fh9 xV6tz9INnJJMAvnNpLe7FubkG73gIV82knN9UtmoKLgpfstZ2Xr4Kj3qU9i+i1xQkbBL/c vejwlS6X8aTi9UCBPkbUlG/mV7zb/LJqlFAL6OtiJNsyfxvNI30bv5jI6CbIgoq1Hb5at8 STFrRagM6Kd7e5prPDIIs9dQQhxtJm700jaJE/n4ECYwnXU+9lGgRRHX6BMvcOTwepJNe+ kbzk4CGfP4Qo8cx0In85TbKojzMmNPodcL91lIKQbbZzuoGbyO8nGUA7STEcPg== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WkYPP4qGPz11fl for ; Wed, 14 Aug 2024 16:19:53 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47EGJr7O091744 for ; Wed, 14 Aug 2024 16:19:53 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47EGJrZj091739 for jail@FreeBSD.org; Wed, 14 Aug 2024 16:19:53 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 277210] jail(8): exec.clean retrieves PWD from user info (can cause services to crash on jail start-up) Date: Wed, 14 Aug 2024 16:19:53 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: Unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: michael.osipov@siemens.com X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277210 Michael Osipov changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |michael.osipov@siemens.com --- Comment #17 from Michael Osipov --- Johannes, does this fix your issue? Is this something we can easily MFC? --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Wed Aug 14 17:36:12 2024 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wkb5T0dPrz5SWmK for ; Wed, 14 Aug 2024 17:36:13 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wkb5S6gDHz58j5 for ; Wed, 14 Aug 2024 17:36:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723656972; a=rsa-sha256; cv=none; b=e6WNy021uzaVEYi2igqajJ51gREAJ0tf0hWnGP+1UwqiaMZkrpTQnZD1V1qDhvwuTnNY/b wssPeIqeBKoXpsVWVt2kDn/BnFzrntX557yTYr8Il2qhp20YgUDrdGqKMMFj5xkEGRosHx TM1XGa2oNIyaqLaLOGx8YuJSYInK4qTDkAZi3+u7yqkiL+wtRDkyB9x/Sh/VlBtVky7BIJ qyhNRArhfCmZiClk575jkquBj4BwckL9tLTphwRz3WixiAw3OsviaG9tKvy7t6HfD0LnUg NM15bPAYPOHWvchSlemK8x5RdGos7XH39b038sMxljYWfyr2Mrn5jZjvRxy67w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1723656972; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=9dsH75WpClTJ4I1QVCHGYzIb9cxnmRVirY0XCpy0Oq4=; b=BJt78WFrdClwtUijemlQsMqk1JFWdxb2YrUeh0OUpWtAOEPvYFsZE5z/RtaW7/NK3+uUci FNX2xlnOg5JBm2PvYpBg5UuwXUKoxL6yR9FyLb7C8hbQOULPA33D7Bp1zEXPJlrLuez8Jb yTJlslH5dwnp4eX8jmFuzvfBms3Qdcr2wXBBRV8RWJrck/yfC0l7NH5oz6LX7rz7n2Oll7 NO8cDEd4LxmrylxIacqhhnGMjSxzf92bEMWbC9SQWZZlUY7kOjxPGUtrrjs+X76d+t7BIE KgbyAc/rR171pnIjBUc2euEXbMGso7insZnmKJcvLiqmooNiiNgpKj3RBpd4Ag== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wkb5S64Gmz13CG for ; Wed, 14 Aug 2024 17:36:12 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47EHaCNE014509 for ; Wed, 14 Aug 2024 17:36:12 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47EHaCNn014508 for jail@FreeBSD.org; Wed, 14 Aug 2024 17:36:12 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 277210] jail(8): exec.clean retrieves PWD from user info (can cause services to crash on jail start-up) Date: Wed, 14 Aug 2024 17:36:12 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: Unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: jamie@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277210 --- Comment #18 from Jamie Gritton --- It can be MFC'd with no problem, as is probably fine for 14.2, but I don't think it should go into 13.4. Since it does change long-standing behavior,= I want it to sit around and let people react to it for a while. 13.4 is practically out the door. --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Thu Aug 15 10:35:26 2024 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wl1jX6mjkz5TN0w for ; Thu, 15 Aug 2024 10:35:28 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wl1jX5m1Bz4nPy for ; Thu, 15 Aug 2024 10:35:28 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723718128; a=rsa-sha256; cv=none; b=IEpV2HNAVAudQvVmYIwDzPzHjLSa1PSPYrBWNHB3Gz/pOwhjM0sgoOAKmoSfIunkfxzvav GMIzIPucV1jGyuXW/do0Tw2K/1GNGf33ZcIiRZf4zJrvAS8hGVIZShqmL5oeOmhcUnno1l /cJ70m7aKPGZ1u828bYHnk/9I+ZOrJfr+hUmAc9CopscZwehuLWkZ6XMEnD3pcJIh0n09o X4eKcFmXmgRmEb9X6vwD2xKFV4HG7CMErh+mlNtMWW2cStwrRWokp/46kvPZQ08vt1xGoH /YFVIgRn9h+lq9pAE3HKsHu0ZvHIQ0hf3Ou4aQvaQ7nWUdMNYoc8QspAdVhcZA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1723718128; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ArApLaP+Bby47B4i11CW4b3PceRZzQGn6ViKLiAOvyk=; b=RkZPDwr+73e1B20+JyqnGnZc1NDaDJIoYt9nMgqxxwN/oQadnHfbqEm84s4Of0IMvaa5DA VCcxCPATkd662QFXZP8SVzjID5LUFzdjUOFKRz1SpinquzjSP2kBkYjzrDL7l0ZNvcriyY Q7c6lqCUzmiYkFJHJLDtEWuojz3YsDdguq63+YjtoljajYtOW9yJcvXoGqo52n1nlb9CJY SqSkxOuzBP0FiudpQAyrBmcwe0r82ATw0+otCZuOJYfKfnqNFlOeEglo4o3yHcBuMTFd/5 v13PAF/k9Z8uqy7FhGg82XU4b0HQnEqNNrdmFRZ4EBGgw9LOOxnQJH3e8twZ8g== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wl1jX5FWHzJfl for ; Thu, 15 Aug 2024 10:35:28 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47FAZSng076936 for ; Thu, 15 Aug 2024 10:35:28 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47FAZSt9076935 for jail@FreeBSD.org; Thu, 15 Aug 2024 10:35:28 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 277210] jail(8): exec.clean retrieves PWD from user info (can cause services to crash on jail start-up) Date: Thu, 15 Aug 2024 10:35:26 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: Unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: michaelo@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277210 --- Comment #19 from Michael Osipov --- (In reply to Jamie Gritton from comment #18) That is fine, MFC to 14 in a month? --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Thu Aug 15 16:39:05 2024 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wl9n73Wb6z5SSHB for ; Thu, 15 Aug 2024 16:39:07 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wl9n72VPFz4bj7 for ; Thu, 15 Aug 2024 16:39:07 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723739947; a=rsa-sha256; cv=none; b=LGvZq6ZNHSYelYaTdXqixyDl6szP+8UQjO3MOnbMWJ3tlaj1sffTovWVDckEP4ueh6S+7n Ox0rIyQ6olJeQYQeC3VS1Sj1f2zmQvbLoT+pc0qNO9FmifozPpOImPYYeTtyMDSUKodIZt V/7A4Y8E7p0bLpdwJYL3ECB7LUN+S9acVBgLqvNKA/16XeyTfRtNgIMyqdBWJglSNgXtKZ 56sxREZwJSM1IqJ1LkTjgh4tRYa0pPsnYtytcjmRIVxduquOYST8COa4GZhwGt3uE4En6s +KmI/xRBqsYk174XubgYvZxEgwnWznjsEcg3pQ4tUWykvsgzfTHXjL4GWVb/iw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1723739947; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=XXQypghGQdhtXC8BWQq4LqffsS9kVNMS5OSmf4B9DAI=; b=qkVb7sJf5b/KBN8B60G0drVG8wYpZ5/DOmxu6zYRKst4WJXbB4EmH1kTXwmFFz9OftRGfD M9HSqT7M/C6A5cDIqzmhti0jKIylfPl6BuZdW9sI5N724Xv45qnJpwUXQS9TWmps3x3ube 84nalbBG8vW320pXTEV5Bj090IjpvjQvEIXEvT6Om6ViuMvzPPbJLKKAIygldk/OFDEuR6 2yaFBAuZUS3JzBDAdXzpksROaXcdiI7eGaKEHphmskUCSH20quirYnYZvyzc8kArms2Tbb gu3RQYZeEEYB3SjNd1NFOBUcSKesYK5nn+FXtrTKeYrLFBqBwRahquOpDCXM1g== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wl9n721CHzW79 for ; Thu, 15 Aug 2024 16:39:07 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47FGd7Zs038101 for ; Thu, 15 Aug 2024 16:39:07 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47FGd73C038100 for jail@FreeBSD.org; Thu, 15 Aug 2024 16:39:07 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 277210] jail(8): exec.clean retrieves PWD from user info (can cause services to crash on jail start-up) Date: Thu, 15 Aug 2024 16:39:05 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: Unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: jamie@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277210 --- Comment #20 from Jamie Gritton --- I'd rather get it in 14 sooner actually, giving those who use STABLE a chan= ce to try it out. If it turns out to be a problem, there's ample time to reve= rse it before 14.2. --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Fri Aug 16 08:28:55 2024 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WlZs60KTVz5SRbZ for ; Fri, 16 Aug 2024 08:28:58 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WlZs54B8pz3x8t for ; Fri, 16 Aug 2024 08:28:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723796937; a=rsa-sha256; cv=none; b=eu3uI6UBsL5PzKIJlRsfZp6xymrzk7lACezUs3NEBzjH4S4TTwxh/O78ziTCFg40NEJzKY CFY3z61AyaUnuCcxfZWdNhbQ+OyQHxNFIC4DoNqg/7f5WdxQqkxS+IJhsrLFAyX2yRa/PQ jWi9SHyaFdufwNmuQ2etEN5tyd0L9WpVxmMZ57v54h+xPVkWw6Uo1dKhX4ytP/idwz7eEc 1ngH6qT6Zko2+7h+ZeW89vBMUEa8tmuRXhOnglACSNmh4pzzFVoUU76+l+azqcbcFXhLrC J38VRKmGziQR/huZAyc9sNMDAKp8mAhJkBMQFYbgV6I3Yx8VsJJIYfMaweUOdQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1723796937; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WulnFeWo6TTG3tGV2tiO4vKrCT2sdIpN7QxuK1A9CCo=; b=M0ZWi5lG0CDtHTy8ojAqVNy7Q0l3hIZG5UDR4gwYK6+ztSBC8xHiUN1e5Yw0ub8xu5umkW XSUKc9Flr1w3snrCMBrK2XWnaqrHP+ozFg6waBcybrTigik8sKnQQOwi36GyhPAmiCpRez E3mt5J551BrUPz8G3LIhIaNNtTLNGNmSgXSKS9uGScqdVQ5FZ360efF76ws/HeDLjLRomJ 7K5LyLk91UMUcFQIC0Q7F7EelTQbvso3815Bd6bdFzixK6XrKiasG3r2wrQ+Qih3B8DCT+ YouZhhFwHXTT58e/FT/cwWzdBI9OxB6AHOPvymbkIkD43YEbQSyUb13za0H5Yw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WlZs53lXGzycQ for ; Fri, 16 Aug 2024 08:28:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47G8SvYo025225 for ; Fri, 16 Aug 2024 08:28:57 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47G8SvBM025224 for jail@FreeBSD.org; Fri, 16 Aug 2024 08:28:57 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 277210] jail(8): exec.clean retrieves PWD from user info (can cause services to crash on jail start-up) Date: Fri, 16 Aug 2024 08:28:55 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: Unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: michaelo@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277210 --- Comment #21 from Michael Osipov --- (In reply to Jamie Gritton from comment #20) Make sense, having in 14.2-RELEASE would be awesome. --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Fri Aug 16 17:13:41 2024 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WlpVb4BkBz5TFkx for ; Fri, 16 Aug 2024 17:13:43 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WlpVZ6yjwz4r1f for ; Fri, 16 Aug 2024 17:13:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723828423; a=rsa-sha256; cv=none; b=RoSDBcBj7poObDmtv+sc6D6HOtZPbdAAT2549PvaCA/py2PaGWYdn5DcqkBb1NHxWW/q8q EVt4gKetEkbEIvLrgWiYLayYqk3WCu6GhKF++0HFGBL7YpyIWKjKRIlWzI2QJ3rJv7ZoGd GZDMZCaU4nAj6RqvyATwci49qkFhhFLS2WYxAnubQheCBF/ST0an6lAAHOdzWVDEZ0gwH+ uS7iJYAOnnKOGTzvNgtNUFyy+JQnli7KOWlkvdREVlBC1vK+h2qiTsACBegj5lnybHiJm5 eCoEerCgPX654HVSYLe/M+tlmBWZ43GzXE+zQxNHnexgJVBxdSDpA4cIhYbzUg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1723828423; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=r6KqramfgXAXS8i8SF5MxTHG7EdtO5rYKyiD6/XDFPI=; b=fofuk4+aUY3PWYCky021Dt5WzA8QPoszTr80/R6l/GmUYgjEbYQSJm8nDMQU2YjZxzaWa3 KOMLdsAnQW3rmFvD7vwLdIZLsP5Zf/TUhkzz2BHGDq/1kuPZNMfuqUtjk7Riy27k43VV5h tcAWE9anspyoFIqtI+PDYR0NsQttP0U1xEYTFvyG+teWDaQfSP2kuCXArycyAVuGDvZTbN YNa+bH/bHg/fQclcWTJpi5SGzgMiu8TSHxfhLikxxhcuKdSiSwX38VZ4txi5ttt4pI07+q VssTMBQaTvoPceCLuQq/9IMww2h/HaqbdjT0QSOjHWfuMZDAZFsnLgPM8sEXhQ== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WlpVZ6YykzDq2 for ; Fri, 16 Aug 2024 17:13:42 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47GHDgqe054722 for ; Fri, 16 Aug 2024 17:13:42 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47GHDgg2054721 for jail@FreeBSD.org; Fri, 16 Aug 2024 17:13:42 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 277210] jail(8): exec.clean retrieves PWD from user info (can cause services to crash on jail start-up) Date: Fri, 16 Aug 2024 17:13:41 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: Unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: Open X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277210 --- Comment #22 from commit-hook@FreeBSD.org --- A commit in branch stable/14 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D1ff3118d72b15fb4c02ee156a5073e3e4= 0528587 commit 1ff3118d72b15fb4c02ee156a5073e3e40528587 Author: Jamie Gritton AuthorDate: 2024-08-12 22:23:28 +0000 Commit: Jamie Gritton CommitDate: 2024-08-16 17:12:24 +0000 MFC jail: only chdir to user's home directory when user is specified jail(8) with the "exec.clean" parameter not only cleans the enviromnent variables before running commands, but also changes to the user's home directory. While this makes sense when auser is specified (via one of the exec.*_user parameters), it leads to all commands being run in the jail's /root directory even in the absence of an explicitly specified user. This can lead to problems when e.g. rc scripts are run from that non-world-readable directory, and run counter to expectations that jail startup is analogous to system startup. Restrict this behvaiour to only users exlicitly specified, either via the command line or jail parameters, but not the implicit root user. While this changes long-stand practice, it's the more intuitive action. jexec(8) has the same problem, and the same fix. PR: 277210 Reported by: johannes.kunde at gmail Differential Revision: https://reviews.freebsd.org/D46226 (cherry picked from commit 5cf705491727dd963485f9911ee3d52c3bf148db) usr.sbin/jail/command.c | 2 +- usr.sbin/jail/jail.8 | 7 ++++++- usr.sbin/jexec/jexec.8 | 7 ++++++- usr.sbin/jexec/jexec.c | 2 +- 4 files changed, 14 insertions(+), 4 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Fri Aug 16 18:49:56 2024 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wlrdf1Hpjz5TN0J for ; Fri, 16 Aug 2024 18:49:58 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wlrdd38F4z3ytx for ; Fri, 16 Aug 2024 18:49:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723834197; a=rsa-sha256; cv=none; b=uXFwXLbXWwCQKntd/2D8ZEy+kZZ/dhobMOpMBcAFLaJEb7PaBngR2LoJBfKYEikdPhbNgb el5P6rm7GrOkUYP23iFamO0AUb1YyQZnsClCEiwrRUk/yMfEUYeCr2hUpCsqwdAB0Dh9eK uk54bu+OEu3mAdh1s/ruSkIL69pXut9e6Uz8pPKHLQCfihODw5JjKUlZErsqpQs9ukYwpB S1Jy6HMgn8fI5kGY+oxEeuf1eDMFZJV7EbT9B8xKDn4cP4YspqE0StsrHpBKJ+sTJXRyMc 9EqoYFXq6y9I6BVNVBmGlZvR8lYAkn2XkouXU6GRBF9Pzmzjd5Noc8GN8DuutA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1723834197; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=imZFui1iLGgVlC65KEB1KlBTzmCo9LqmnFXOnVHkDNU=; b=iUWC4ToZOOuok841ECmP8EXzWQpDr0ksqRLC5BULfLcSwaAgHQ/E4gzp3icucs/iG6zVqs XEvTgwfeLuilLcAZZH6BLUJqt2Ys89/zBCb6zGNbk5tEfWuJp+4gEK1mlurtv6tE/9drIT fFJ82iMJyQ1QQ9SwSbWf6e5vXdqW8e/IePM92/uDEk+6fs0K240RzBFXEgXwZBvq25XUG6 0oecjVS4Us7O009EE65zbXp2xpBA46//z+oV3ac7d6Gld7N6H/HX4T8bSRDUWv6wMHwzDO m6+vGnYSxyTRzTHQRYP7fJH8OdnHsVlmPeByztsqJ3YpBr8WmMOtQ6cS+2+rXw== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wlrdd2cGWzHjJ for ; Fri, 16 Aug 2024 18:49:57 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47GInvRi043223 for ; Fri, 16 Aug 2024 18:49:57 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47GInvnk043222 for jail@FreeBSD.org; Fri, 16 Aug 2024 18:49:57 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 277210] jail(8): exec.clean retrieves PWD from user info (can cause services to crash on jail start-up) Date: Fri, 16 Aug 2024 18:49:56 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: Unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: jamie@FreeBSD.org X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: resolution bug_status Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277210 Jamie Gritton changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|Open |Closed --=20 You are receiving this mail because: You are the assignee for the bug.= From nobody Sat Aug 17 07:29:05 2024 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wm9TY2d0Nz5STDk for ; Sat, 17 Aug 2024 07:29:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wm9TY0gNcz4BqN for ; Sat, 17 Aug 2024 07:29:05 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1723879745; a=rsa-sha256; cv=none; b=Y3HvEf/CvDlCGpqw0mGjt7atTxvUzaTI9F/MHmGV36E5kke35IFVNMKfAH9uNyibPH/bYn 24CP6170lA/yjbQHrymitHIF9YKy91TzW0FR6kfIKIhecscv857KZPR/WLI7B4hmjM8CUg dUZu3SXg/88OZ7DlQnm1GiCXvCwht+gMLw5iYqD36/Iu+oMv1GkG8o9jCdgVxeTZAMqoQ1 MA6NqewPqo8K7kK9DBqkimfIpUHFJ6uYyWfu3OfohS2ErmiSv7880OY7FfSlM3OECxubUT Yu9r8/Ech25MVWsPET2F7sHrw6RLkRUDlfubnxzqQWmZPn9vMbwgS0/lV5Elag== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1723879745; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=MCylBFDo3kFw4GZjNfU/MRp7E1n6vpVMw5TxGMwN3yE=; b=hdDVcecVuUWGB4tOQA8owkmZe7u7nRcSgc2/RhXqst86lpAv1plzsaguVxSbeENZfBdE8+ 90Gv8Gqj44ArNznOumSK4zOIqtwypV2hoShZwaURb4AFQUhubeTcMrARreojMMsESLJwfx dz73CQXvEOIkN3OSdQ0Ztrf7QUvhPsaSO3iggPOpJTfaGS8xyXE4KN4dnMorH3uPLcKKr9 2zyQKKemHKAihTZ+1MKTTQ8j9VY77YSz52/q5QSRzc0Jlne6X2gW1ueEYKxRLZ8Cc5vLY+ 4XBsqsPfe8nWyRHD9a72vDL+cSr1Qbllyp1IO6bUSG2r1fPV6gjEDJgfp6Xx/g== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wm9TX6SmPzgd0 for ; Sat, 17 Aug 2024 07:29:04 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 47H7T4iq035302 for ; Sat, 17 Aug 2024 07:29:04 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 47H7T419035299 for jail@FreeBSD.org; Sat, 17 Aug 2024 07:29:04 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 277210] jail(8): exec.clean retrieves PWD from user info (can cause services to crash on jail start-up) Date: Sat, 17 Aug 2024 07:29:05 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: Unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: johannes.kunde@gmail.com X-Bugzilla-Status: Closed X-Bugzilla-Resolution: FIXED X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: jail@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D277210 --- Comment #23 from johannes.kunde@gmail.com --- (In reply to Michael Osipov from comment #17) I've currently no access to my computer. I'll test it in the course of next week. --=20 You are receiving this mail because: You are the assignee for the bug.=