Greetings ! At boot time when it appears starting jails , if u press ctrl + \ and enter after, you can log in as root. I think this is a very insecure option. or bug idk.
reclassify.
Are you logged into the jail, or the host?
(In reply to Mark Linimon from comment #1) (In reply to Allan Jude from comment #2) When my machine boots up right before appearing of login: it starts the jails one the machine. and when it appears on screen " starting jails:" if u press ctrl + backslash u get into root. this is all. is this a security issue ?
Created attachment 164965 [details] /etc/rc.d/jail core dump
I've reproduced this on 11-CURRENT (FreeBSD mpc.hjemme 11.0-CURRENT FreeBSD 11.0-CURRENT #0 r293047M: Sat Jan 2 12:16:07 CET 2016 root@mpc.hjemme:/usr/obj/usr/src/sys/GENERIC amd64) When I press ctrl + \ while jails are being started, I see a notice about a core dump (attached) and I get the prompt to select which shell to use for single-user mode. When selecting shell, I have single-user mode on host system. This is with the default setting in /etc/ttys, where local console is considered secure. I tried pressing ctrl + \ constantly during rc.d execution but not during /etc/rc.d/jail script exectution, and this behaviour was NOT happening. It seems to be specific to the /etc/rc.d/jail script. Once I entered single-user mode, I saw all jails had started, even though the core dump and single-user mode happened while jail 2 out of 8 were being started. If I set local console to not be considered secure (i.e. require password to enter single-user mode), I am prompted for root password. This is definitely a bug, but considering it doesn't let you skip password on insecure console I wouldn't consider it a security issue. Please let me know if any more details are required to solve this problem.
This behavior seems normal and expected to me. I also tried repeatedly pressing ctrl-\ during a no-jails boot, and it gave me the single-user shell prompt. So this isn't just a jail situation. A simple glance at /etc/rc shows it's the desired behavior; look at the beginning of /etc/rc: | # Set shell to ignore SIGINT (2), but not children; | # shell catches SIGQUIT (3) and returns to single user. | # | trap : 2 | trap "echo 'Boot interrupted'; exit 1" 3 So not only is this just what the trap command did, it's exactly what the comment said it would do, as noted in base r130161. Am I missing something, or should I just close this?
If you want to not allow access to single user mode without a password prompt, try changing /etc/ttys to mark 'console' as 'insecure' from /etc/ttys: # If console is marked "insecure", then init will ask for the root password when going to single-user mode.
(In reply to Jamie Gritton from comment #6) With that in mind, I'll agree this PR can be closed.