Date: Sat, 21 Oct 2017 15:29:28 -0400 From: Allan Jude <allanjude@freebsd.org> To: Steve Wills <swills@FreeBSD.org>, src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r318751 - in head/sys: kern sys Message-ID: <c156a912-6305-4cc4-261c-5545742d9801@freebsd.org> In-Reply-To: <201705231659.v4NGxOB8013882@repo.freebsd.org> References: <201705231659.v4NGxOB8013882@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --PQgM5TCpTanP0vUaA5Ipij1vCTKhkeqTB Content-Type: multipart/mixed; boundary="unnuTAAAXVjLnG1k4kEwmILShSJFFK4KC"; protected-headers="v1" From: Allan Jude <allanjude@freebsd.org> To: Steve Wills <swills@FreeBSD.org>, src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Message-ID: <c156a912-6305-4cc4-261c-5545742d9801@freebsd.org> Subject: Re: svn commit: r318751 - in head/sys: kern sys References: <201705231659.v4NGxOB8013882@repo.freebsd.org> In-Reply-To: <201705231659.v4NGxOB8013882@repo.freebsd.org> --unnuTAAAXVjLnG1k4kEwmILShSJFFK4KC Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 2017-05-23 12:59, Steve Wills wrote: > Author: swills (ports committer) > Date: Tue May 23 16:59:24 2017 > New Revision: 318751 > URL: https://svnweb.freebsd.org/changeset/base/318751 >=20 > Log: > Add security.bsd.see_jail_proc > =20 > Add security.bsd.see_jail_proc sysctl to hide jail processes from non= -root > users > =20 > Reviewed by: jamie > Approved by: allanjude > Relnotes: yes > Differential Revision: https://reviews.freebsd.org/D10770 >=20 I user was asking about this issue on IRC today. I think I have changed my mind a bit. I think we should make the default be off (so you can't see processes in a jail from the host) by default in 12. And that we should MFC this sysctl to stable/11, but not change the default behaviour there. Anyone else have thoughts? --=20 Allan Jude --unnuTAAAXVjLnG1k4kEwmILShSJFFK4KC-- --PQgM5TCpTanP0vUaA5Ipij1vCTKhkeqTB Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQIcBAEBAgAGBQJZ66AbAAoJEBmVNT4SmAt+2D4QANZ2Iw5lUqNO9ekgt60kHbVU WHHjBm3Ef3DGSRB4n9trqjSxYvpleaVRaWU/53ns7mah4OqIIhmw/qRQUZaNVkgT 2JF4imxcTqsy3MEtpg9BW/DDJ9XmVmQaKNRFe7TXfhL4P4m4v+Gi8BEVzoRr3Uiu 7xTLzGEGGs9OYANtrtzdx6qMo47DtUeIpsmK5crAezgAU4kBbAnPJv8S5vXUHj22 Avylv3Za0K0ffFs+6+RkENjqgrK1vkWpAymPzMpZv/EPvQ+30FLGxg8DwmIC5huB HOQXoXCGHJ3l6a3N9VelQ3vOaTigm4R9Zsl6NLpqzD1MRffnKguGkcuWGHlarY8c GTLSHYkBvkWwJAhJnMQ5P0l+QgavAh4NnaDCS9Z1H7FXrEifXOqppd+EVuONYB1V cokRWjT4eX2dPkn3YesS/Gfabz4O3wSLeXBFVd/oPJeLyLQ8/rlVB+eX1+6wlg4P oF/mIHfpSs+5VVqmIL6a76jVLDzW1V44qyyTbe7ymS/FqnlAfLEM4ZCp7CFhnCb+ RmB5ypIJbNHLz3zVvZENhfOdTPZnBnBhpFT1U4HNOfAEtR7Nyb/uOr+NZz2B0+if zq6QNgTiZSUV+rMHyQgH94wKevElFzNjF5SnNHVNffUtYzclh2lPbMZa75CFPJf9 tFgT5HwKjkWtYcOgS84m =CUxj -----END PGP SIGNATURE----- --PQgM5TCpTanP0vUaA5Ipij1vCTKhkeqTB--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?c156a912-6305-4cc4-261c-5545742d9801>