Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 26 Apr 2004 22:57:33 +0300
From:      Alex Lyashkov <shadow@psoft.net>
To:        Bosko Milekic <bmilekic@FreeBSD.org>
Cc:        cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/sys/kern kern_jail.c src/sys/net rtsock.c src/sys/netinet raw_ip.c src/sys/sys jail.h
Message-ID:  <1083009453.8282.76.camel@berloga.shadowland>
In-Reply-To: <200404261946.i3QJkqTK090160@repoman.freebsd.org>
References:  <200404261946.i3QJkqTK090160@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
=F7 =F0=CE=C4, 26.04.2004, =D7 22:46, Bosko Milekic =D0=C9=DB=C5=D4:
> bmilekic    2004/04/26 12:46:52 PDT
>=20
>   FreeBSD src repository
>=20
>   Modified files:
>     sys/kern             kern_jail.c=20
>     sys/net              rtsock.c=20
>     sys/netinet          raw_ip.c=20
>     sys/sys              jail.h=20
>   Log:
>   Give jail(8) the feature to allow raw sockets from within a
>   jail, which is less restrictive but allows for more flexible
>   jail usage (for those who are willing to make the sacrifice).
>   The default is off, but allowing raw sockets within jails can
>   now be accomplished by tuning security.jail.allow_raw_sockets
>   to 1.
>  =20
>   Turning this on will allow you to use things like ping(8)
>   or traceroute(8) from within a jail.
>  =20
>   The patch being committed is not identical to the patch
>   in the PR.  The committed version is more friendly to
>   APIs which pjd is working on, so it should integrate
>   into his work quite nicely.  This change has also been
>   presented and addressed on the freebsd-hackers mailing
>   list.
>  =20
>   Submitted by: Christian S.J. Peron <maneo@bsdpro.com>
>   PR: kern/65800
>  =20
>   Revision  Changes    Path
>   1.42      +5 -0      src/sys/kern/kern_jail.c
>   1.108     +13 -2     src/sys/net/rtsock.c
>   1.129     +31 -2     src/sys/netinet/raw_ip.c
>   1.21      +1 -0      src/sys/sys/jail.h
You not think more and more right way port vimage
(http://www.tel.fer.hr/zec/vimage/) to FreeBSD 5 ?
Author not have time to start porting, but it project is very well then
this hack.

--=20
Alex Lyashkov <shadow@psoft.net>
PSoft

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1083009453.8282.76.camel>