os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
doc/share/security/advisories/FreeBSD-EN-07:03.rc.d_jail.asc
Bjoern A. Zeeb 3571e53040 Import FreeBSD Security Advisories and Errata Notices, as well as their 
patches for easier mirroring, to eliminate a special copy, to make
www.freebsd.org/security a full copy of security.freebsd.org and be
eventually be the same.

For now files are just sitting there.   The symlinks are missing.

Discussed on:	www (repository location)
Discussed with:	simon (so)
2012-08-15 06:19:40 +00:00

104 lines
3.7 KiB
Text
Raw Blame History

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-EN-07:03.rc.d_jail Errata Notice
The FreeBSD Project
Topic: rc.d jail script interface IP alias removal
Category: core
Module: etc_rc.d
Announced: 2007-02-28
Credits: Philipp Wuensche
Affects: FreeBSD 6.2-RELEASE.
Corrected: 2007-01-02 11:14:07 UTC (RELENG_6, 6.2-STABLE)
2007-02-28 18:24:37 UTC (RELENG_6_2, 6.2-RELEASE-p2)
For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:http://security.freebsd.org/>.
I. Background
The jail(2) system call allows a system administrator to lock a process
and all of its descendants inside an environment with a very limited
ability to affect the system outside that environment, even for
processes with superuser privileges. It is an extension of, but
far more powerful than, the traditional UNIX chroot(2) system call.
The host's jail rc.d(8) script can be used to start and stop jails
automatically on system boot/shutdown. The jail_interface rc.conf(5)
variable can be used to automatically add and remove an IP address on
a specific network interface when a jail starts and stops.
II. Problem Description
A cleanup of the rc.d jail script did not rename the variables used by
the jail_interface feature when removing the IP address in the case
where the jail startup fails. This may result in ifconfig(8) being
run with incorrect arguments.
III. Impact
Since the wrong variable is used, in some cases, ifconfig(8) will
remove an arbitrary IP address instead of the IP address of the jail
if startup of a jail fails. It may be possible for a user with root
access in a jail to provoke this situation by intentionally making
jail startup fail.
IV. Workaround
Do not use the jail_interface feature; instead, manually configure IP
addresses for the jails.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to 6-STABLE, or to the RELENG_6_2
security branch dated after the correction date.
2) To patch your present system:
The following patches have been verified to apply to FreeBSD 6.2
systems.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch http://security.FreeBSD.org/patches/EN-07:03/rc.d_jail.patch
# fetch http://security.FreeBSD.org/patches/EN-07:03/rc.d_jail.patch.asc
b) Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
# install -o root -g wheel -m 555 etc/rc.d/jail /etc/rc.d
VI. Correction details
The following list contains the revision numbers of each file that was
corrected in FreeBSD.
Branch Revision
Path
- -------------------------------------------------------------------------
RELENG_6
src/etc/rc.d/jail 1.23.2.8
RELENG_6_2
src/UPDATING 1.416.2.29.2.5
src/sys/conf/newvers.sh 1.69.2.13.2.5
src/etc/rc.d/jail 1.23.2.7.2.2
- -------------------------------------------------------------------------
The latest revision of this Errata Notice is available at
http://security.FreeBSD.org/advisories/FreeBSD-EN-07:03.rc.d_jail.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (FreeBSD)
iD8DBQFF5ct8FdaIBMps37IRAu3qAKCHNEFb/kqTVyFSllHyG6YOg+qccACfbmfI
CiEeWDDU73GVG+T15VeGH2Q=
=EQyo
-----END PGP SIGNATURE-----
Reference in a new issue View git blame Copy permalink