https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=193129
Bug ID: 193129
Summary: [jail] exec.start with exec.system_user doesn't set
gid
Product: Base System
Version: 11.0-CURRENT
Hardware: Any
OS: Any
Status: Needs Triage
Severity: Affects Only Me
Priority: ---
Component: bin
Assignee: [email protected]
Reporter: [email protected]
When starting a jail with /usr/sbin/jail -c, the start command is run with uid,
effective uid and effective gid set properly, but real gid isn't set, so it's
still zero from running jail as root.
In addition to any issues from retaining gid 0, this also has the effect that
the process is considered setugid and tainted, so coredumps, signals, etc are
restricted.
/usr/sbin/jexec does properly set the gid.
--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "[email protected]"
