From utisoft@gmail.com  Thu May 26 07:32:40 2011
Message-Id: <BANLkTimjYOzB+hHGGER3vLdZEEtZ7-7+hQ@mail.gmail.com>
Date: Thu, 26 May 2011 08:32:08 +0100
From: Chris Rees <utisoft@gmail.com>
Reply-To: utisoft@gmail.com
To: Kostik Belousov <kostikbel@gmail.com>
Cc: Colin Percival <cperciva@freebsd.org>, bug-followup@freebsd.org, 
	Benedict Reuschling <bcr@freebsd.org>, Jilles Tjoelker <jilles@stack.nl>
In-Reply-To: <20110526001815.GD48734@deviant.kiev.zoral.com.ua>
Subject: Re: Fwd: docs/156853: [patch] Update docs: jail(8) security issues
 with world-readable jail root
References: <4DD90459.3010200@FreeBSD.org> <20110522191752.GR48734@deviant.kiev.zoral.com.ua>
 <4DDB76E7.4020602@freebsd.org> <BANLkTikMVLUKxs0TSjaGkSrh1YtHj81NZA@mail.gmail.com>
 <20110526001815.GD48734@deviant.kiev.zoral.com.ua>

>Number:         157335
>Category:       docs
>Synopsis:       Re: docs/156853: [patch] Update docs: jail(8) security issues with world-readable jail root
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-doc
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu May 26 07:40:04 UTC 2011
>Closed-Date:    Thu May 26 14:06:36 UTC 2011
>Last-Modified:  Thu May 26 14:06:36 UTC 2011
>Originator:     
>Release:        
>Organization:
>Environment:
>Description:
 On 26 May 2011 01:18, Kostik Belousov <kostikbel@gmail.com> wrote:
 
 > Now you are referencing some unspecified "file descriptors" handling
 > issues that are present for nullfs but not for NFS. What are they?
 
 I referenced a conversation earlier:
 
 On 22 May 2011 20:32, Chris Rees <utisoft@gmail.com> wrote:
 
 > From IRC (I don't want to attribute without permission):
 >
 > user in jail1 passes fd to directory to user in jail2
 > if these are disjoint jails, the kernel will not know to restrict the
 > process in jail2 to any jail base directory
 > (the process in jail2 will fchdir(fd), chdir("../../../../.."))
 > man 4 unix, /SCM_RIGHTS
 > though this is only an issue if one of the untrusted users can write
 
 
 Chris
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: linimon 
State-Changed-When: Thu May 26 14:03:09 UTC 2011 
State-Changed-Why:  
Misfiled followup to docs/156853; content migrated. 


Responsible-Changed-From-To: gnats-admin->freebsd-doc 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Thu May 26 14:03:09 UTC 2011 
Responsible-Changed-Why:  

http://www.freebsd.org/cgi/query-pr.cgi?pr=157335 
>Unformatted:
