Re: Improving FreeBSD-SA-07:01.jail fix [was: HEADS UP: Re: FreeBSD Security Advisory FreeBSD-SA-07:01.jail]



On Tue, Jan 23, 2007 at 01:25:08PM +0100, Alexander Leidinger wrote:
> Quoting Pawel Jakub Dawidek <pjd@xxxxxxxxxxx> (from Tue, 23 Jan 2007 12:34:44 +0100):
> > It looks like it may work, but I still find it a bit risky. If sh(1) can
> > reopen the file under some conditions or someone in the future will
> > modify sh(1) in that way (because he won't be aware that such a change
> > may have impact on system security) we will have a security hole.
> > Chances are small, but I'm not going to be the one who will accept that
> > change:)
>
> The spawned subshell is like a command. It doesn't make sense to reopen
> the file for a command. It's like saying we open and close the file for
> each line. I didn't calculate the probability of this to happen, but I
> would be very surprised if it is significant. Just think about the
> performance of such behavior (or a more complex logic
> [...] And if you think about such unlikely stuff to happen, you should
> also think about some other stuff we are not prepared to survive. [...]

Come on, this argument always stands. I only wanted to point out that we
should be extra careful with building security on top of tools that are
not intended for this purpose.

> [...] But feel free to propose a better solution for the problem.

The solution was proposed already - keep console.log outside of jail.

Don't read my comment as a "no" vote for your solution. If secteam@
decides there is nothing to worry about - fine by me.

--
Pawel Jakub Dawidek http://www.wheel.pl
pjd@xxxxxxxxxxx http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
