Date:      Thu, 24 Feb 2005 01:03:17 +0800
From:      Xin LI <delphij@frontfree.net>
To:        "Wojciech A. Koszek" <dunstan@freebsd.czest.pl>
Cc:        freebsd-hackers@FreeBSD.org
Subject:   Re: [PATCH] Dangerous jail()<->ioctl interactions.
Message-ID:  <20050223170317.GA73338@frontfree.net>
In-Reply-To: <20050221221656.GA64212@freebsd.czest.pl>
References:  <20050221221656.GA64212@freebsd.czest.pl>

On Mon, Feb 21, 2005 at 10:16:56PM +0000, Wojciech A. Koszek wrote:
> Hello hackers,
> I would like to let you know I've been doing a [partial] audit of ioctl()
> code. There are some places which may interest you. These are:
>
> sys/cam/cam_xpt.c
> sys/contrib/ipfilter/netinet/ip_fil.c
> sys/contrib/pf/net/pf_ioctl.c
> sys/dev/ata/ata-all.c
> sys/dev/md/md.c
> sys/geom/geom_ctl.c
>
> Those files contain ioctl()s which let us interact between jailed processes
> and each of these subsystems. Although files like /dev/mdctl should not
> appear in /dev with normal DEVFS rulesets, I think it would be better if
> FreeBSD had those ioctl()s disabled within a jail()ed environment. There is
> probably one reason for keeping ipf/pf, since someone may want to fetch
> information about NATed connections.

These devices should all not be exposed to the jailed environment, in my opinion.
Since this can be done with devfs's rules, I think this is not a bug...

Default devfs configuration for a jail is not to mount it.  Additionally, the
default devfs ruleset hides everything but a limited set of pseudo devices that
should be common for applications to consume.  Therefore, I'd rather say that
it's a configuration mistake of the user (^_^)

Do you imply that there are other devices that enforce a check against whether
they are ioctl'ed in a jail?

Cheers,
-- 
Xin LI <delphij frontfree net>	http://www.delphij.net/
See complete headers for GPG key and other information.
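
A host-side check of the point made in this thread, that the devfs ruleset should keep these control devices out of a jail's /dev. This is an added example, not part of the original message; the node names other than /dev/mdctl are assumptions based on FreeBSD's usual device naming for the listed subsystems, and the directory argument is a placeholder for the jail's /dev as seen from the host.

```shell
#!/bin/sh
# Added example (not from the thread). Node names below are assumed from
# FreeBSD's usual naming; the message itself names only /dev/mdctl.

# audit_jail_dev DEVDIR
#   DEVDIR: the jail's /dev as seen from the host (placeholder path).
#   Prints the exposed control nodes, space separated.
#   Returns 0 if none are visible, 1 if any are, 2 on a bad argument.
audit_jail_dev() {
    devdir=$1
    exposed=""
    if [ ! -d "$devdir" ]; then
        echo "audit_jail_dev: not a directory: $devdir" >&2
        return 2
    fi
    for path in "$devdir"/*; do
        [ -e "$path" ] || continue            # empty dir: glob stays literal
        name=${path##*/}
        case $name in
            xpt[0-9]*) ;;                     # sys/cam/cam_xpt.c
            ipl|ipnat|ipstate|ipauth) ;;      # sys/contrib/ipfilter
            pf) ;;                            # sys/contrib/pf
            ata) ;;                           # sys/dev/ata
            mdctl) ;;                         # sys/dev/md
            geom.ctl) ;;                      # sys/geom
            *) continue ;;                    # not one of the audited nodes
        esac
        exposed="${exposed:+$exposed }$name"
    done
    if [ -n "$exposed" ]; then
        echo "$exposed"
        return 1
    fi
    return 0
}

# Run against a directory given on the command line, if any.
if [ $# -gt 0 ]; then
    audit_jail_dev "$1"
fi
```

A non-zero status means the jail's devfs ruleset (or a missing ruleset) is exposing a node that the thread argues should be hidden.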

