From owner-freebsd-security Sat Sep 18 10:54: 5 1999 Delivered-To: freebsd-security@freebsd.org Received: from gndrsh.dnsmgr.net (GndRsh.dnsmgr.net [198.145.92.4]) by hub.freebsd.org (Postfix) with ESMTP id 166F71500C for ; Sat, 18 Sep 1999 10:54:01 -0700 (PDT) (envelope-from freebsd@gndrsh.dnsmgr.net) Received: (from freebsd@localhost) by gndrsh.dnsmgr.net (8.9.3/8.9.3) id KAA52921; Sat, 18 Sep 1999 10:53:27 -0700 (PDT) (envelope-from freebsd) From: "Rodney W. Grimes" Message-Id: <199909181753.KAA52921@gndrsh.dnsmgr.net> Subject: Re: BPF on in 3.3-RC GENERIC kernel In-Reply-To: <12085.937675580@critter.freebsd.dk> from Poul-Henning Kamp at "Sep 18, 1999 07:26:20 pm" To: phk@critter.freebsd.dk (Poul-Henning Kamp) Date: Sat, 18 Sep 1999 10:53:27 -0700 (PDT) Cc: imp@village.org (Warner Losh), liam@tiora.net (Liam Slusser), kdrobnac@mission.mvnc.edu (Kenny Drobnack), Harry_M_Leitzell@cmu.edu (Harry M. Leitzell), security@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL54 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > In message <199909172158.OAA49373@gndrsh.dnsmgr.net>, "Rodney W. Grimes" writes > : > >> In message <199909172048.OAA05040@harmony.village.org>, Warner Losh writes: > >> >In message <5082.937599515@critter.freebsd.dk> Poul-Henning Kamp writes: > >> >: There is a new kid in town if it comes to fortifying your FreeBSD > >> >: box: jail(2|8) > >> > > >> >Is jail(2) in 3.3R? Or just -current? I ask because I had to have > >> >different suser tests depending on 3.x and 4.0 in the chflags security > >> >patches. > >> > >> Only current. I have no MFC plans. > >> Although it could be trivially done I don't think there currently is > >> a market demand for doing so, and I don't have the time anyway... > > > >I've been waiting for this to MFC so that we could use it through out > >our AS. I can't run -current on production servers, I would start > >building jails within days of this being MFC'ed. > > > >There.. some ``market demand''. > > Yeah, well, that was only half the problem... Okay, it sounds like the code is ready to MFC, if I do the work and send you a set of patches will you at least eyeball them for sanity? -- Rod Grimes - KD7CAX - (RWG25) rgrimes@gndrsh.dnsmgr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message