authorrwatson <rwatson@FreeBSD.org>2000-10-31 01:34:00 +0000
committerrwatson <rwatson@FreeBSD.org>2000-10-31 01:34:00 +0000
commite1bb04b4d38e6ec7620efea36cb2e8a7c68390a3 (patch)
tree997462626f7687a9313713167612f39d8dec1084 /sys/kern/sysv_msg.c
parent44bd1e3405849fed4c24b6701de82eb9d1a5906f (diff)
o Deny access to System V IPC from within jail by default, as in the
current implementation, jail neither virtualizes the Sys V IPC namespace, nor provides inter-jail protections on IPC objects. o Support for System V IPC can be enabled by setting jail.sysvipc_allowed=1 using sysctl. o This is not the "real fix" which involves virtualizing the System V IPC namespace, but prevents processes within jail from influencing those outside of jail when not approved by the administrator. Reported by: Paulo Fragoso <paulo@nlink.com.br>
Diffstat (limited to 'sys/kern/sysv_msg.c')
-rw-r--r--sys/kern/sysv_msg.c16
1 files changed, 16 insertions, 0 deletions
diff --git a/sys/kern/sysv_msg.c b/sys/kern/sysv_msg.c
index ff4729e..6b8ab1e 100644
--- a/sys/kern/sysv_msg.c
+++ b/sys/kern/sysv_msg.c
@@ -30,6 +30,7 @@
#include <sys/sysent.h>
#include <sys/sysctl.h>
#include <sys/malloc.h>
+#include <sys/jail.h>
static MALLOC_DEFINE(M_MSG, "msg", "SVID compatible message queues");
@@ -210,6 +211,9 @@ msgsys(p, uap)
} */ *uap;
{
+ if (!jail_sysvipc_allowed && p->p_prison != NULL)
+ return (ENOSYS);
+
if (uap->which >= sizeof(msgcalls)/sizeof(msgcalls[0]))
return (EINVAL);
return ((*msgcalls[uap->which])(p, &uap->a2));
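Review bot: The guard `if (!jail_sysvipc_allowed && p->p_prison != NULL) return (ENOSYS);` is copied verbatim into msgsys here and into the msgctl, msgget, msgsnd and msgrcv hunks below, so any later policy change (a different errno, a per-jail setting) must be made in five places, and a missed copy leaves one entry point open. A single predicate shared by all five entry points would keep them in step, with each call site reduced to something like `if (msg_jail_denied(p)) return (ENOSYS);` (name is only a suggestion). The check also deserves a one-line comment on why ENOSYS was chosen over EPERM, for example `/* Jailed and SysV IPC not enabled: behave as if the facility is absent. */`, if that is the intent; the commit message does not say. msgsys begins and ends outside the hunk.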
@@ -263,6 +267,9 @@ msgctl(p, uap)
printf("call to msgctl(%d, %d, 0x%x)\n", msqid, cmd, user_msqptr);
#endif
+ if (!jail_sysvipc_allowed && p->p_prison != NULL)
+ return (ENOSYS);
+
msqid = IPCID_TO_IX(msqid);
if (msqid < 0 || msqid >= msginfo.msgmni) {
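Review bot: In msgctl the jail check is placed after the debug `printf` that precedes `#endif`, and the msgget, msgsnd and msgrcv hunks follow the same order, whereas msgsys checks first. On a kernel built with that debug block enabled (its opening conditional is outside the hunk, so this is inferred), a jailed process that is about to be refused still gets its caller-supplied arguments written to the kernel message buffer on every call. Moving the two added lines above the conditional block would make the denial the first thing each handler does and keep the log free of output driven by a jail that has no IPC access. The function body starts and ends outside the hunk.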
@@ -399,6 +406,9 @@ msgget(p, uap)
printf("msgget(0x%x, 0%o)\n", key, msgflg);
#endif
+ if (!jail_sysvipc_allowed && p->p_prison != NULL)
+ return (ENOSYS);
+
if (key != IPC_PRIVATE) {
for (msqid = 0; msqid < msginfo.msgmni; msqid++) {
msqptr = &msqids[msqid];
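Review bot: The check added to msgget gates the call but not the objects, and the code should say so. The lookup that follows still walks the single global `msqids` table, so while `jail.sysvipc_allowed` is 1 a jailed process shares queue keys with the host and with every other jail, as the commit message acknowledges. Queues created during such a window presumably also remain in that table after the sysctl is set back to 0, since nothing in the visible hunks removes them. A comment above the check would save the next reader from assuming isolation, for example `/* Entry gate only: the msqids namespace is global; enabling jail.sysvipc_allowed exposes it to all jails. */`. The function body continues outside the hunk.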
@@ -511,6 +521,9 @@ msgsnd(p, uap)
msgflg);
#endif
+ if (!jail_sysvipc_allowed && p->p_prison != NULL)
+ return (ENOSYS);
+
msqid = IPCID_TO_IX(msqid);
if (msqid < 0 || msqid >= msginfo.msgmni) {
@@ -835,6 +848,9 @@ msgrcv(p, uap)
msgsz, msgtyp, msgflg);
#endif
+ if (!jail_sysvipc_allowed && p->p_prison != NULL)
+ return (ENOSYS);
+
msqid = IPCID_TO_IX(msqid);
if (msqid < 0 || msqid >= msginfo.msgmni) {