Bug 21463 - [linux] Linux compatability mode should not allow setuid programs
Summary: [linux] Linux compatability mode should not allow setuid programs
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 1.0-RELEASE
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2000-09-22 01:50 UTC by Kris Kennaway
Modified: 2020-07-27 18:29 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Kris Kennaway freebsd_committer 2000-09-22 01:50:00 UTC
Linux compat mode should disallow the execution of setugid applications
by default, to protect us against linux userland vulnerabilities as well
as subtle interactions between the kernel privilege model in Linux and
FreeBSD which may introduce security problems of its own (e.g. allowing
a linux binary to do things which a freebsd native binary compiled from 
the same code cannot do)

We don't have any setugid binaries installed from the linux_base and
linux_devtools ports so this won't affect the default system. I suggest
a sysctl, defaulting to off, which controls whether or not emulated
binaries can run with privileges.

This is also an issue with other binary compatability systems like SVR4
and should also be fixed there too.
Comment 1 Kris Kennaway freebsd_committer 2000-09-22 01:51:35 UTC
Responsible Changed
From-To: freebsd-bugs->marcel

Marcel maintains the Linux compat code
Comment 2 Marcel Moolenaar freebsd_committer 2001-11-18 06:15:43 UTC
Responsible Changed
From-To: marcel->emulation

Assign to emulation@FreeBSD.org. It is not going to be addressed if 
it's assigned to me and I don't do it. Maintainership of the Linuxulator 
has been passed on to emulation@FreeBSD.org as well.
Comment 3 Eitan Adler freebsd_committer freebsd_triage 2011-09-24 05:13:31 UTC
State Changed
From-To: open->suspended

suspended awaiting patches
Comment 4 Eitan Adler freebsd_committer freebsd_triage 2011-09-24 05:32:53 UTC
Responsible Changed
From-To: freebsd-emulation->eadler

ping gcooper in a few weeks about this
Comment 5 Eitan Adler freebsd_committer freebsd_triage 2012-05-07 04:49:00 UTC
State Changed
From-To: suspended->open

suspended is not appropriate for real bugs
Comment 6 Eitan Adler freebsd_committer freebsd_triage 2012-06-19 07:55:37 UTC
Responsible Changed
From-To: eadler->freebsd-bugs

not going to get to this one for some time so return to the pool
Comment 7 Eitan Adler freebsd_committer freebsd_triage 2012-11-26 23:24:10 UTC
---------- Forwarded message ----------
From: Marcin Cieslak <saper@saper.info>
Date: 26 November 2012 16:24
Subject: Re: kern/21463: [linux] Linux compatability mode should not
allow setuid programs
To: freebsd-emulation@freebsd.org


We implement AT_UID and AT_GID process auxillary vector
(procstat -x) elements so at least userland library
(such as glibc) has a possibility to enter "secure mode"
on startup.

Not sure if there is anything we can do more (except
for disabling the feature altogether) to tell userland
to be careful.

//Marcin

_______________________________________________
freebsd-emulation@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-emulation
To unsubscribe, send any mail to "freebsd-emulation-unsubscribe@freebsd.org"


-- 
Eitan Adler
Comment 8 saper 2012-11-26 23:30:51 UTC
From: Marcin Cieslak <saper@saper.info>
Newsgroups: gmane.os.freebsd.devel.emulation
Subject: Re: kern/21463: [linux] Linux compatability mode should not allow setuid programs

We implement AT_UID and AT_GID process auxillary vector
(procstat -x) elements so at least userland library
(such as glibc) has a possibility to enter "secure mode"
on startup.

Not sure if there is anything we can do more (except
for disabling the feature altogether) to tell userland
to be careful.

//Marcin

_______________________________________________
freebsd-emulation@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-emulation
To unsubscribe, send any mail to "freebsd-emulation-unsubscribe@freebsd.org"
Comment 9 Eitan Adler freebsd_committer freebsd_triage 2012-11-27 01:44:53 UTC
---------- Forwarded message ----------
From: Mateusz Guzik <mjguzik@gmail.com>
Date: 26 November 2012 20:42
Subject: Re: kern/21463: [linux] Linux compatability mode should not
allow setuid programs
To: freebsd-bugs@freebsd.org


Hi,

I think we should go a step futher and get per-jail support for
enabling/disabling Linux compatibility support, possibly along with the
ability to control sugid programs.

I don't have time to work on this at the moment though.

--
Mateusz Guzik <mjguzik gmail.com>
_______________________________________________
freebsd-bugs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscribe@freebsd.org"


-- 
Eitan Adler
Comment 10 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 08:00:15 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped