https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211580
--- Comment #13 from Joe Barbish <[email protected]> ---

To keep consistent with how things are done in jail(8) this "security.bsd.unprivileged_read_msgbuf" MIB should be implemented in the same manner as that used for "allow.raw_sockets". The default being not allowed. This would enable the ability to change the default for all jails or to customize per jail from the jail.conf file. Documented in "man 8 jail".

And while doing this some thought should be given to the "security.jail.jailed" MIB. Currently the "sysctl" console command is allowed to be executed from within a non-vnet jail. This leaves the door wide open to a compromised jail being able to obtain information about the host and if he's in a jail. This type of ability is what jail(8) is supposed to stop by design. This hole needs to be plugged. I suggest that the "allow.raw_sockets" method be used to enable the "sysctl" command to execute from within a jail. The default being not allowed.

The dmesg and sysctl commands provide the same basic info more or less, and since the posters to this PR feel that dmesg is a security leak, then for sure sysctl is also.

Even if this change misses the 12.0 deadline, it is a security update and can be added during the life of 12.0.

_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-jail
