Date: Wed, 10 Jun 2026 04:02:34 +0000 From: bugzilla-noreply@freebsd.org To: jail@FreeBSD.org Subject: [Bug 295052] The jail(8) command leaks potentially sensitive file descriptors to exec.* hooks. Message-ID: <bug-295052-29815-K8U3nvcs4G@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-295052-29815@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=295052 --- Comment #20 from commit-hook@FreeBSD.org --- A commit in branch stable/15 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=a03b45d38f8fc312a7a86c3ac2e4bdcbbad9f4d3 commit a03b45d38f8fc312a7a86c3ac2e4bdcbbad9f4d3 Author: Jan Bramkamp <crest+freebsd@rlwinm.de> AuthorDate: 2026-05-06 23:28:53 +0000 Commit: Kyle Evans <kevans@FreeBSD.org> CommitDate: 2026-06-10 04:00:36 +0000 jail: open the fstab files with fopen("re") This protects against accidentally leaking them past fork()+exec() in future refactorings. PR: 295052 Reviewed by: kevans (cherry picked from commit 58811b0ae096c134af372bcf475aea1d8d0e3c08) usr.sbin/jail/config.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- You are receiving this mail because: You are on the CC list for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-295052-29815-K8U3nvcs4G>