Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 538388

Summary: net-misc/netifrc runs udhcpc as root from a statically linked busybox even on hardened systems
Product: Gentoo Security Reporter: Hugo Mildenberger <Hugo.Mildenberger>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: normal CC: blueness, chainsaw, netifrc, williamh, zorry
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Hugo Mildenberger 2015-01-31 23:27:00 UTC 
Openrc per default uses netifrc for network clients like udhcpc. netifrc in turn implicitly uses busybox. Busybox in turn gets installed in a statically linked form by some other means, probably with the intention to have it ready in case there are problems with the dynamic linker. In effect all my hardened systems did run a statically linked busybox binary as root:

root      2200     1  0 Jan29 ?        00:00:00 /bin/busybox udhcpc -x hostname samba --interface=enp3s0 --now --script=/lib/netifrc/sh/udhcpc-hook.sh --pidfile=/var/run/udhcpc-e 

Running a statically linked binary as root means that the hardened kernel will be almost unable to intercept an ongoing attac.
Comment 1 Kristian Fiskerstrand (RETIRED) gentoo-dev 2015-06-20 14:56:07 UTC 
CCing blueness, maybe hardened has some comment on this report?
Comment 2 William Hubbs gentoo-dev 2015-10-15 01:30:56 UTC 
I am adding netifrc; this is actually an issue with the netifrc scripts
since OpenRC itself doesn't run any dhcp clients.
Comment 3 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2016-10-24 21:35:20 UTC 
<hat type="netifrc">
netifrc uses whatever DHCP client you have specified. It has to run them as root (or at least CAP_NET_ADMIN) so they have suitable socket access for sending DHCP requests.

I see two options for you:
- run a non-static busybox
- use a different DHCP client (not from busybox): net-misc/pump, net-misc/dhcpcd, net-misc/dhcp
</hat>

security:
is there a need to keep this bug locked? I don't see it as a legitimate security bug, but rather a product of the user's choices.
Comment 4 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2016-11-27 23:53:58 UTC 
Using whiteboard for netifrc bug tracking.
Comment 5 Aaron Bauman (RETIRED) gentoo-dev 2019-04-27 19:29:09 UTC 
Unrestricting.
Comment 6 Aaron Bauman (RETIRED) gentoo-dev 2019-04-27 22:17:27 UTC 
Hardened kernels are no longer supported (dependent on which features one considers).

Bug can also be mitigated dependent on users choice of dhcp daemon.

Concur with Robins comments above.