Date: Tue, 27 Sep 2005 13:23:27 GMT
From: Mark Bucciarelli <mark@gaiahost.coop>
To: freebsd-gnats-submit@FreeBSD.org
Subject: core dump in jail shows up in security report for all jails on system
X-Send-Pr-Version: www-2.3

>Number:         86630
>Category:       misc
>Synopsis:       core dump in jail shows up in security report for all jails on system
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    csjp
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Sep 27 13:30:10 GMT 2005
>Closed-Date:    Wed Oct 12 17:22:53 GMT 2005
>Last-Modified:  Wed Oct 12 17:22:53 GMT 2005
>Originator:     Mark Bucciarelli
>Release:        5.4
>Organization:
GAIA Host Collective, LLC
>Environment:
Jail container:

FreeBSD agriculture.gaiahost.coop 5.4-RELEASE-p1 FreeBSD 5.4-RELEASE-p1 #0: Fri May 13 16:50:56 UTC 2005     root@agriculture.gaiahost.coop:/usr/obj/usr/src/sys/GAIABSD  i386
>Description:
This machine has six jails.  Last night, after installing a bunch of PHP extensions, apachectl start was dumping core.  (This was fixed by portupgrade.)

This morning, my security report emails for each jail (as well as the jail container) all showed the following:

nesea.gaiahost.coop kernel log messages:
> pid 91087 (httpd), uid 0: exited on signal 11 (core dumped)
> pid 91091 (httpd), uid 0: exited on signal 11 (core dumped)
> pid 91424 (httpd), uid 0: exited on signal 11 (core dumped)
>How-To-Repeat:
I suppose just make something core dump in a jail.  I have not tried to duplicate the behavior.
>Fix:
      
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->analyzed 
State-Changed-By: csjp 
State-Changed-When: Wed Sep 28 21:02:26 GMT 2005 
State-Changed-Why:  
I don't think this is an issue. There is a setting which will take care 
of this problem if you feel it's a problem. Try: 

sysctl security.bsd.unprivileged_read_msgbuf=0 

This will prevent unprivileged users, including prison root, from 
reading the kernel message buffer. 


Responsible-Changed-From-To: freebsd-bugs->csjp 
Responsible-Changed-By: csjp 
Responsible-Changed-When: Wed Sep 28 21:02:26 GMT 2005 
Responsible-Changed-Why:  

http://www.freebsd.org/cgi/query-pr.cgi?pr=86630 
State-Changed-From-To: analyzed->closed 
State-Changed-By: csjp 
State-Changed-When: Wed Oct 12 17:21:50 GMT 2005 
State-Changed-Why:  
This can be remedied by using: 

sysctl security.bsd.unprivileged_read_msgbuf=0 

http://www.freebsd.org/cgi/query-pr.cgi?pr=86630 
>Unformatted:
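Added example (not part of the original PR or of FreeBSD's own scripts): the audit trail sets the knob with sysctl at runtime, which does not survive a reboot, so this sketch checks whether a sysctl.conf-style file would leave security.bsd.unprivileged_read_msgbuf at 0. The function names and the sample file are constructed for illustration, and an unset knob is treated as the stock default of 1.

```shell
#!/bin/sh
KNOB="security.bsd.unprivileged_read_msgbuf"

# Print the value the file would leave in effect for KNOB, or "unset".
# Assignments are applied top to bottom, so the last one wins.
configured_value() {
    [ -r "$1" ] || { echo unset; return 0; }
    awk -v knob="$KNOB" '
        { sub(/#.*/, "") }                      # drop comments
        {
            eq = index($0, "=")
            if (eq == 0) next                   # not an assignment
            name = substr($0, 1, eq - 1)
            val  = substr($0, eq + 1)
            gsub(/[ \t"]/, "", name)
            gsub(/[ \t"]/, "", val)
            if (name == knob) last = val
        }
        END { print (last == "" ? "unset" : last) }
    ' "$1"
}

# restricted: jails and unprivileged users cannot read the message buffer
# open:       they can (value 1, or unset and assumed to default to 1)
# invalid:    anything else, which needs a human to look at it
msgbuf_policy() {
    case "$(configured_value "$1")" in
        0)       echo restricted ;;
        1|unset) echo open ;;
        *)       echo invalid ;;
    esac
}

# Constructed sample: the knob is hardened, then re-enabled further down.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# /etc/sysctl.conf (constructed sample)
security.bsd.unprivileged_read_msgbuf=0
kern.coredump=1
# a later edit quietly undoes the hardening
security.bsd.unprivileged_read_msgbuf=1
EOF
echo "policy: $(msgbuf_policy "$sample")"
rm -f "$sample"
```

Run it against the host's /etc/sysctl.conf, since the setting is applied on the jail host rather than inside each jail.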
