Attila Nagy wrote: > Hello, > > I'm wondering about closing some information leaks in FreeBSD jails from > the "outside world". > > Not that critical (depends on the application), but a simple user, with > restricted devfs in the jail (devfsrules_jail for example from > /etc/defaults/devfs.rules) can figure out the following:
[...] > - full dmesg output after boot and the kernel buffer when it overflows > (can contain sensitive information) If it's sensitive in so far as it endangers the privacy of local non-jailed users, I think that's a bug that'd need fixing. > - information about geom providers (at least geom mirror list works) > - the list of the loaded kernel modules via kldstat > - some interesting information about the network related stuff via netstat > - information about configured swap space via swapinfo > - NFS related statistics via nfsstat > - a lot of interesting stuff via sysctl I'm not sure why hiding the mentioned information is bad. It only contains machine-specific data, and at best the private information a jailed user will be able to figure out is the machine's usage patterns (yes, crypto folks don't like that, but c'mon...). Hiding that data isn't real security. Besides, the user can only gain the data if he can execute the binaries that provide it. Why not remove, say, the geom programs (and at the same time make it impossible to execute new programs? Eg only make the home/tmp dirs writeable, but put those on a noexec partition). That should make it hard enough to access geom data. Cheers Benjamin
signature.asc
Description: OpenPGP digital signature
