From: bugzilla-noreply@freebsd.org
To: jail@FreeBSD.org
Subject: [Bug 295052] The jail(8) command leaks potentially sensitive file descriptors to exec.* hooks.
Date: Wed, 10 Jun 2026 04:01:25 +0000
X-Bugzilla-Product: Base System
X-Bugzilla-Component: conf
X-Bugzilla-Version: 15.0-RELEASE
X-Bugzilla-Keywords: security
X-Bugzilla-Severity: Affects Many People
X-Bugzilla-Who: commit-hook@FreeBSD.org
X-Bugzilla-Status: In Progress
X-Bugzilla-Assigned-To: kevans@freebsd.org
X-Bugzilla-Flags: mfc-stable15? mfc-stable14?
List-Id: Discussion about FreeBSD jail(8)
List-Archive: https://lists.freebsd.org/archives/freebsd-jail

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=295052

--- Comment #19 from commit-hook@FreeBSD.org ---
A commit in branch stable/14 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=ee07da0c1e95d307d5120ac6a8a0ea5ccb88e61b

commit ee07da0c1e95d307d5120ac6a8a0ea5ccb88e61b
Author:     Jan Bramkamp
AuthorDate: 2026-05-06 23:28:53 +0000
Commit:     Kyle Evans
CommitDate: 2026-06-10 04:00:47 +0000

    jail: open the fstab files with fopen("re")

    This protects against accidentally leaking them past fork()+exec() in
    future refactorings.

    PR:             295052
    Reviewed by:    kevans

    (cherry picked from commit 58811b0ae096c134af372bcf475aea1d8d0e3c08)

 usr.sbin/jail/config.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
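
The effect the commit message describes, as an added C example (not code from usr.sbin/jail or from the commit): the "e" mode flag makes fopen() set FD_CLOEXEC on the underlying descriptor, so it is not inherited across fork()+exec(). Here /dev/null stands in for an fstab file, and the helper names and the scan bound are assumptions made for the example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>

/* 1 if the descriptor is closed on exec, 0 if inherited, -1 on error. */
int
stream_is_cloexec(FILE *fp)
{
	int flags = fcntl(fileno(fp), F_GETFD);

	return (flags == -1 ? -1 : (flags & FD_CLOEXEC) != 0);
}

/* Open path with the given fopen() mode and report its close-on-exec state. */
int
open_and_check(const char *path, const char *mode)
{
	FILE *fp = fopen(path, mode);
	int r;

	if (fp == NULL)
		return (-1);
	r = stream_is_cloexec(fp);
	fclose(fp);
	return (r);
}

/* Count descriptors above stderr that a fork()+exec()ed child would inherit. */
int
count_inheritable_fds(void)
{
	int n = 0;

	for (int fd = 3; fd < 1024; fd++) {	/* scan bound chosen for the example */
		int flags = fcntl(fd, F_GETFD);

		if (flags != -1 && (flags & FD_CLOEXEC) == 0)
			n++;
	}
	return (n);
}

int
main(void)
{
	printf("fopen(\"r\"):  cloexec=%d\n", open_and_check("/dev/null", "r"));
	printf("fopen(\"re\"): cloexec=%d\n", open_and_check("/dev/null", "re"));
	printf("inheritable fds now: %d\n", count_inheritable_fds());
	return (0);
}
```

Calling count_inheritable_fds() immediately before the fork() that runs a child program gives the number of descriptors above stderr that the child would receive.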