From: Benjamin Lutz
Date: Thu, 18 Aug 2005 17:18:30 +0200
To: Attila Nagy
Cc: freebsd-security@FreeBSD.org
Subject: Re: Closing information leaks in jails?

Attila Nagy wrote:
> Hello,
>
> I'm wondering about closing some information leaks in FreeBSD jails from
> the "outside world".
>
> Not that critical (depends on the application), but a simple user, with
> restricted devfs in the jail (devfsrules_jail for example from
> /etc/defaults/devfs.rules) can figure out the following:
[...]
> - full dmesg output after boot and the kernel buffer when it overflows
> (can contain sensitive information)

If it's sensitive in so far as it endangers the privacy of local
non-jailed users, I think that's a bug that'd need fixing.

> - information about geom providers (at least geom mirror list works)
> - the list of the loaded kernel modules via kldstat
> - some interesting information about the network related stuff via netstat
> - information about configured swap space via swapinfo
> - NFS related statistics via nfsstat
> - a lot of interesting stuff via sysctl

I'm not sure why hiding the mentioned information is bad. It only
contains machine-specific data, and at best the private information a
jailed user will be able to figure out is the machine's usage patterns
(yes, crypto folks don't like that, but c'mon...). Hiding that data isn't
real security.

Besides, the user can only gain the data if he can execute the binaries
that provide it. Why not remove, say, the geom programs (and at the same
time make it impossible to execute new programs? E.g. only make the
home/tmp dirs writeable, but put those on a noexec partition). That
should make it hard enough to access geom data.

Cheers
Benjamin
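
The layout suggested in the message above (only the home/tmp directories writable, and those on a noexec partition) can be checked mechanically. The following is an added example, not part of the original post: a shell function that reads fstab-format mount lines, as printed by `mount -p` on FreeBSD, and lists writable file systems under a jail root that are not mounted `noexec`. The jail path `/jails/www`, the device names and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag writable jail file systems that still allow execution.
# Input: fstab-format lines (device, mount point, type, options, dump, pass).

# has_opt OPTIONS NAME: succeeds if NAME is one of the comma-separated OPTIONS.
has_opt() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_jail_mounts ROOT < fstab-lines
# Prints each mount point at or below ROOT that is writable and lacks noexec.
audit_jail_mounts() {
    root=${1%/}                       # tolerate a trailing slash on ROOT
    while read -r dev mnt fstype opts rest; do
        case "$dev" in ''|'#'*) continue ;; esac       # blank line or comment
        case "$mnt" in
            "$root"|"$root"/*) ;;                      # inside this jail
            *) continue ;;                             # host or another jail
        esac
        [ "$fstype" = devfs ] && continue   # device nodes, no regular files
        has_opt "$opts" ro && continue      # read-only: nothing new can land
        has_opt "$opts" noexec && continue  # writable, but execution refused
        printf '%s\n' "$mnt"
    done
    return 0
}

# Constructed sample input; device names and paths are made up.
sample_mounts() {
    cat <<'EOF'
/dev/ad0s1a  /                 ufs    rw                1 1
/dev/ad0s1e  /jails/www        ufs    ro                2 2
/dev/ad0s1f  /jails/www/home   ufs    rw,noexec,nosuid  2 2
/dev/ad0s1g  /jails/www/tmp    ufs    rw,nosuid         2 2
devfs        /jails/www/dev    devfs  rw                0 0
/dev/ad0s1h  /jails/www2/tmp   ufs    rw                2 2
EOF
}

JAIL_ROOT=/jails/www                  # assumed jail root for the sample
sample_mounts | audit_jail_mounts "$JAIL_ROOT"
```

On a host, `mount -p | audit_jail_mounts /path/to/jail` runs the same check on live data; an empty result means every writable file system under that root is mounted noexec. noexec only refuses direct execution from that file system, so which interpreters and tools remain installed in the jail still matters.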