Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 16 Feb 2004 16:53:15 +0100
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        Maxim Konovalov <maxim@macomnet.ru>
Cc:        current@FreeBSD.org
Subject:   Re: Jails that keep hanging around
Message-ID:  <20040216155315.GG14639@garage.freebsd.pl>
In-Reply-To: <20040216175831.G39007@news1.macomnet.ru>
References:  <200402151714.26631.freebsd-current@webteckies.org> <20040215191756.P49729@news1.macomnet.ru> <20040216133617.GD14639@garage.freebsd.pl> <20040216164605.S19111@news1.macomnet.ru> <20040216140720.GE14639@garage.freebsd.pl> <20040216175831.G39007@news1.macomnet.ru>
next in thread | previous in thread | raw e-mail | index | archive | help 

--WIW0mBdZQbss59/X
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Feb 16, 2004 at 06:12:18PM +0300, Maxim Konovalov wrote:
+> > +> What I really do not understand why we do not leak in non-jail
+> > +> environment?
+> >
+> > I'm sure we are, this is just hard to check, because we don't have
+> > list with allocated 'cred' structures.
+> >
+> > But try to do your test without a jail and track 2nd column in:
+> >
+> > 	# sysctl kern.malloc | grep cred
+> >
+> > Number of objects grows when I'm killing daemon while connection
+> > exists. I'm wondering if this cannot be used to some DoS attack.
+>=20
+> Can't reproduce:
+>=20
+> $ vmstat -m | grep cred
+>          cred    38     5K      5K    22714  128
+>=20
+> [ serveral nc & telnet tests I port early in non-jail environment ]
+>=20
+> $ vmstat -m | grep cred
+>          cred    38     5K      5K    22833  128

Probably, because no new cred structure is allocated when you run 'nc'
without a jail (only this one used by your shell is referenced again).

Try to do:

	# su - <some_user> -c "/usr/local/bin/nc -p 1234 -l 127.0.0.1"

--=20
Pawel Jakub Dawidek                       http://www.FreeBSD.org
pjd@FreeBSD.org                           http://garage.freebsd.pl
FreeBSD committer                         Am I Evil? Yes, I Am!

--WIW0mBdZQbss59/X
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)

iD8DBQFAMOdrForvXbEpPzQRAmlhAKDQQDB4WnhkRDXx6+Yairew4YrstwCg73xH
Ts7G7aY70BFvgPknoYH0BB4=
=cU3h
-----END PGP SIGNATURE-----

--WIW0mBdZQbss59/X--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040216155315.GG14639>