Date: Fri, 18 Jul 2003 00:32:22 +0200 From: Pawel Jakub Dawidek <nick@garage.freebsd.pl> To: freebsd-hackers@freebsd.org Subject: Re: Jail sysctls and new flags to sysctls. Message-ID: <20030717223222.GE4973@garage.freebsd.pl> In-Reply-To: <20030717160748.GA4973@garage.freebsd.pl> References: <20030717160748.GA4973@garage.freebsd.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
--YiJbW+tan0O55Ijl Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 17, 2003 at 06:07:48PM +0200, Pawel Jakub Dawidek wrote: +> Patch add also two flags to sysctls: +> CTLFLAG_USERINV - sysctl is invisible for unprivileged users +> CTLFLAG_JAILINV - sysctl is invisible in jail environment Note, that things like security.bsd.unprivileged_read_msgbuf (protecting two sysctls from reading) could be made in general way with those flags and any sysctl or sysctls node could be protected with them. --=20 Pawel Jakub Dawidek pawel@dawidek.net UNIX Systems Programmer/Administrator http://garage.freebsd.pl Am I Evil? Yes, I Am! http://cerber.sourceforge.net --YiJbW+tan0O55Ijl Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iQCVAwUBPxcj9j/PhmMH/Mf1AQE3wwQApDrJKIbEHvC0WcqbiQ+WlVA6OEzy18tE FHhNd4gD7HeTpKDAQniQDQDuagRFFMQcImmKufZKY5Z/S97ROYSpyaKIj21nAq90 6SjZrbOSbgI/LI0f5EoKRwFLlvGZ3AJWk9IEm+qd7qYMnH+zVsIHqinqToZ3qnQp AQ+DPYwLTBg= =ibmr -----END PGP SIGNATURE----- --YiJbW+tan0O55Ijl--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030717223222.GE4973>