From: Xin LI
To: "Wojciech A. Koszek"
Cc: freebsd-hackers@FreeBSD.org
Date: Thu, 24 Feb 2005 01:03:17 +0800
Subject: Re: [PATCH] Dangerous jail()<->ioctl interactions.
Message-ID: <20050223170317.GA73338@frontfree.net>
In-Reply-To: <20050221221656.GA64212@freebsd.czest.pl>
X-GPG-key-ID/Fingerprint: 0xCAEEB8C0 / 43B8 B703 B8DD 0231 B333 DC28 39FB 93A0 CAEE B8C0
X-GPG-Public-Key: http://www.delphij.net/delphij.asc

On Mon, Feb 21, 2005 at 10:16:56PM +0000, Wojciech A. Koszek wrote:
> Hello hackers,
> I would like to let you know I've been doing [partial] audit of ioctl()
> code. There are some places, which may interest you. These are:
>
> sys/cam/cam_xpt.c
> sys/contrib/ipfilter/netinet/ip_fil.c
> sys/contrib/pf/net/pf_ioctl.c
> sys/dev/ata/ata-all.c
> sys/dev/md/md.c
> sys/geom/geom_ctl.c
>
> Those files contain ioctl()s, which let us interact between jailed processes
> and each of these subsystems. Although files like /dev/mdctl should not
> appear in /dev with normal DEVFS rulesets, I think it would be better if FreeBSD had
> those ioctl() disabled within jail()ed environment. There is probably one
> reason for keeping ipf/pf, since someone may want to fetch information about NATed
> connections.

These devices should all not be exposed to the jailed environment, in my opinion.
Since this can be done with devfs's rules, so I think this is not a bug...

Default devfs configuration for a jail is not to mount it. Additionally, the
default devfs ruleset hides everything but a limited set of pseudo devices that
should be common for applications to consume. Therefore, I'd rather say that
it's a configuration mistake of the user (^_^)

Do you imply that there are other devices that enforce check against whether
they are ioctl'ed in jail?

Cheers,
-- 
Xin LI http://www.delphij.net/
See complete headers for GPG key and other information.
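
The devfs point made in the reply above can be checked on a host. The following is an added example, not part of the original message or of FreeBSD: it reports which control nodes for the subsystems named in the thread are visible under a jail's /dev. The function name audit_jail_dev is hypothetical, and every node name except /dev/mdctl is an assumption mapped from the listed source files.

```shell
#!/bin/sh
# Added example: list control device nodes visible under a jail's /dev.
# Only mdctl is named in the thread; the other node names are assumptions
# mapped from the source files listed there:
#   cam_xpt.c -> xpt0, ip_fil.c -> ipl/ipnat/ipstate/ipauth,
#   pf_ioctl.c -> pf, ata-all.c -> ata, md.c -> mdctl, geom_ctl.c -> geom.ctl
CONTROL_NODES="xpt0 ipl ipnat ipstate ipauth pf ata mdctl geom.ctl"

# audit_jail_dev DEVDIR
# Prints one exposed node name per line.
# Returns 0 if none are visible, 1 if at least one is,
# 2 if DEVDIR is not a directory (for example, the jail has no /dev at all).
audit_jail_dev() {
    devdir=$1
    [ -d "$devdir" ] || return 2
    found=0
    for node in $CONTROL_NODES; do
        # -e rather than -c so the check also works on a fixture of plain files
        if [ -e "$devdir/$node" ]; then
            printf '%s\n' "$node"
            found=1
        fi
    done
    return $found
}

# Run against a jail's /dev when a path is given, e.g.
#   sh audit_jail_dev.sh /usr/jails/www/dev   (constructed example path)
if [ $# -gt 0 ]; then
    audit_jail_dev "$1"
fi
```

A return status of 1 means the ruleset applied to that devfs mount is not hiding the listed nodes.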