D10770.id28458.diff
Index: sys/kern/kern_prot.c
===================================================================
--- sys/kern/kern_prot.c
+++ sys/kern/kern_prot.c
@@ -1386,7 +1386,47 @@
return (0);
}
+/*
+ * 'see_jail_proc' determines whether or not visibility of processes and
+ * sockets with credentials holding different jail ids is possible using a
+ * variety of system MIBs.
+ *
+ * XXX: data declarations should be together near the beginning of the file.
+ */
+
+static int see_jail_proc = 1;
+SYSCTL_INT(_security_bsd, OID_AUTO, see_jail_proc, CTLFLAG_RW,
+ &see_jail_proc, 0,
+ "Unprivileged processes may see subjects/objects with different jail ids");
+
/*-
+ * Determine if u1 "can see" the subject specified by u2, according to the
+ * 'see_jail_proc' policy.
+ * Returns: 0 for permitted, ESRCH otherwise
+ * Locks: none
+ * References: *u1 and *u2 must not change during the call
+ * u1 may equal u2, in which case only one reference is required
+ */
+int
+cr_canseejailproc(struct ucred *u1, struct ucred *u2)
+{
+ int pc = 0;
+ /* check if target process belongs to current jail or lower one */
+ pc = prison_check(u1, u2);
+ if (pc == 0) {
+ /* root can see anything */
+ if (u1->cr_uid == 0)
+ return (0);
+ if (!see_jail_proc)
+ if (!jailed(u1) && jailed(u2))
+ return (ESRCH);
+ return (0);
+ } else {
+ return (ESRCH);
+ }
+}
+
+/*-
* Determine if u1 "can see" the subject specified by u2.
* Returns: 0 for permitted, an errno value otherwise
* Locks: none
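Review bot: The hiding condition `if (!jailed(u1) && jailed(u2))` only hides jailed subjects from a non-jailed caller, so a caller inside a parent jail still sees every process of its descendant jails (prison_check() returns 0 for those), which does not match the sysctl description "different jail ids"; comparing the prisons directly, `if (u1->cr_prison != u2->cr_prison)`, covers both cases. The `u1->cr_uid == 0` test also hands the bypass to root inside a jail; the sibling checks in this file go through priv_check_cred() with a dedicated privilege (as cr_canseeotheruids does with PRIV_SEEOTHERUIDS), which is what lets the jail's privilege restrictions and MAC policies apply, so a privilege check would be the consistent form here. On style, `int pc = 0;` is overwritten before it is read, the else branch is redundant, and the two unbraced nested ifs read better as a single condition; the body collapses to an early `if (prison_check(u1, u2) != 0) return (ESRCH);` followed by the privilege test and the prison comparison, and the XXX note about the placement of the sysctl declaration is easiest resolved by moving it next to the see_other_uids/see_other_gids declarations before commit.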
@@ -1407,6 +1447,8 @@
if ((error = cr_canseeotheruids(u1, u2)))
return (error);
if ((error = cr_canseeothergids(u1, u2)))
+ return (error);
+ if ((error = cr_canseejailproc(u1, u2)))
return (error);
return (0);
}
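Review bot: The sysctl description added in this change promises hiding of sockets as well as processes, but the only caller wired up is cr_cansee; unless cr_canseesocket delegates to cr_cansee (its body is not in this diff), it needs the same `cr_canseejailproc(cred, so->so_cred)` check so the two visibility paths stay consistent. The head of cr_cansee lies outside the hunk; the placement after cr_canseeothergids is fine, since each check returns an errno and the first failure wins, but the function's header comment should gain a line saying the see_jail_proc policy is now part of the decision.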
Index: sys/sys/proc.h
===================================================================
--- sys/sys/proc.h
+++ sys/sys/proc.h
@@ -988,6 +988,7 @@
int cr_canseesocket(struct ucred *cred, struct socket *so);
int cr_canseeothergids(struct ucred *u1, struct ucred *u2);
int cr_canseeotheruids(struct ucred *u1, struct ucred *u2);
+int cr_canseejailproc(struct ucred *u1, struct ucred *u2);
int cr_cansignal(struct ucred *cred, struct proc *proc, int signum);
int enterpgrp(struct proc *p, pid_t pgid, struct pgrp *pgrp,
struct session *sess);
