diff options
| author | rwatson <rwatson@FreeBSD.org> | 2000-10-31 01:34:00 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2000-10-31 01:34:00 +0000 |
| commit | e1bb04b4d38e6ec7620efea36cb2e8a7c68390a3 (patch) | |
| tree | 997462626f7687a9313713167612f39d8dec1084 /sys/kern/sysv_sem.c | |
| parent | 44bd1e3405849fed4c24b6701de82eb9d1a5906f (diff) | |
| download | FreeBSD-src-e1bb04b4d38e6ec7620efea36cb2e8a7c68390a3.zip FreeBSD-src-e1bb04b4d38e6ec7620efea36cb2e8a7c68390a3.tar.gz | |
o Deny access to System V IPC from within jail by default, as in the
current implementation, jail neither virtualizes the Sys V IPC namespace,
nor provides inter-jail protections on IPC objects.
o Support for System V IPC can be enabled by setting jail.sysvipc_allowed=1
using sysctl.
o This is not the "real fix" which involves virtualizing the System V
IPC namespace, but prevents processes within jail from influencing those
outside of jail when not approved by the administrator.
Reported by: Paulo Fragoso <paulo@nlink.com.br>
Diffstat (limited to 'sys/kern/sysv_sem.c')
| -rw-r--r-- | sys/kern/sysv_sem.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/sys/kern/sysv_sem.c b/sys/kern/sysv_sem.c index 3d4fbdd..f616f6e 100644 --- a/sys/kern/sysv_sem.c +++ b/sys/kern/sysv_sem.c @@ -19,6 +19,7 @@ #include <sys/sysent.h> #include <sys/sysctl.h> #include <sys/malloc.h> +#include <sys/jail.h> static MALLOC_DEFINE(M_SEM, "sem", "SVID compatible semaphores"); @@ -201,6 +202,9 @@ semsys(p, uap) } */ *uap; { + if (!jail_sysvipc_allowed && p->p_prison != NULL) + return (ENOSYS); + if (uap->which >= sizeof(semcalls)/sizeof(semcalls[0])) return (EINVAL); return ((*semcalls[uap->which])(p, &uap->a2)); @@ -407,6 +411,9 @@ __semctl(p, uap) printf("call to semctl(%d, %d, %d, 0x%x)\n", semid, semnum, cmd, arg); #endif + if (!jail_sysvipc_allowed && p->p_prison != NULL) + return (ENOSYS); + semid = IPCID_TO_IX(semid); if (semid < 0 || semid >= seminfo.semmsl) return(EINVAL); @@ -567,6 +574,9 @@ semget(p, uap) printf("semget(0x%x, %d, 0%o)\n", key, nsems, semflg); #endif + if (!jail_sysvipc_allowed && p->p_prison != NULL) + return (ENOSYS); + if (key != IPC_PRIVATE) { for (semid = 0; semid < seminfo.semmni; semid++) { if ((sema[semid].sem_perm.mode & SEM_ALLOC) && @@ -685,6 +695,9 @@ semop(p, uap) printf("call to semop(%d, 0x%x, %d)\n", semid, sops, nsops); #endif + if (!jail_sysvipc_allowed && p->p_prison != NULL) + return (ENOSYS); + semid = IPCID_TO_IX(semid); /* Convert back to zero origin */ if (semid < 0 || semid >= seminfo.semmsl) |
