Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 27 Apr 2009 20:18:01 +0000 (UTC)
From:      Christian Brueffer <brueffer@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org
Subject:   svn commit: r191596 - in stable/7: usr.bin/cpuset usr.sbin/jail
Message-ID:  <200904272018.n3RKI14X025813@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: brueffer
Date: Mon Apr 27 20:18:01 2009
New Revision: 191596
URL: http://svn.freebsd.org/changeset/base/191596

Log:
  Document an issue of jail(8) in conjunction with cpuset(1).
  
  Problem reported by:	Miroslav Lachman <000.fbsd@quip.cz>
  Reviewed by:	bz
  Approved by:	re (kib)

Modified:
  stable/7/usr.bin/cpuset/cpuset.1
  stable/7/usr.sbin/jail/jail.8

Modified: stable/7/usr.bin/cpuset/cpuset.1
==============================================================================
--- stable/7/usr.bin/cpuset/cpuset.1	Mon Apr 27 20:13:13 2009	(r191595)
+++ stable/7/usr.bin/cpuset/cpuset.1	Mon Apr 27 20:18:01 2009	(r191596)
@@ -177,3 +177,9 @@ command first appeared in
 .Fx 7.1 .
 .Sh AUTHORS
 .An Jeffrey Roberson Aq jeff@FreeBSD.org
+.Sh BUGS
+At the moment it is possible for a superuser inside a
+.Xr jail 8
+to modify the root
+.Xr cpuset 2
+of that jail.

Modified: stable/7/usr.sbin/jail/jail.8
==============================================================================
--- stable/7/usr.sbin/jail/jail.8	Mon Apr 27 20:13:13 2009	(r191595)
+++ stable/7/usr.sbin/jail/jail.8	Mon Apr 27 20:18:01 2009	(r191596)
@@ -699,3 +699,9 @@ Currently, the simplest answer is to min
 offered on the host, possibly limiting it to services offered from
 .Xr inetd 8
 which is easily configurable.
+.Pp
+At the moment it is possible for a superuser inside a
+.Nm
+to modify the root
+.Xr cpuset 2
+of that jail.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200904272018.n3RKI14X025813>