From owner-cvs-all@FreeBSD.ORG Wed Jul 14 19:04:31 2004 Return-Path: Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C176C16A4CE; Wed, 14 Jul 2004 19:04:31 +0000 (GMT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id A5F7B43D58; Wed, 14 Jul 2004 19:04:31 +0000 (GMT) (envelope-from csjp@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.11/8.12.11) with ESMTP id i6EJ4V1T016423; Wed, 14 Jul 2004 19:04:31 GMT (envelope-from csjp@repoman.freebsd.org) Received: (from csjp@localhost) by repoman.freebsd.org (8.12.11/8.12.11/Submit) id i6EJ4VKD016422; Wed, 14 Jul 2004 19:04:31 GMT (envelope-from csjp) Message-Id: <200407141904.i6EJ4VKD016422@repoman.freebsd.org> From: "Christian S.J. Peron" Date: Wed, 14 Jul 2004 19:04:31 +0000 (UTC) To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org X-FreeBSD-CVS-Branch: HEAD Subject: cvs commit: src/sys/kern kern_descrip.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Jul 2004 19:04:32 -0000 csjp 2004-07-14 19:04:31 UTC FreeBSD src repository Modified files: sys/kern kern_descrip.c Log: In addition to the real user ID check, do an explicit jail check to ensure that the caller is not prison root. The intention is to fix file descriptor creation so that prison root can not use the last remaining file descriptors. This privilege should be reserved for non-jailed root users. Approved by: bmilekic (mentor) Revision Changes Path 1.236 +3 -2 src/sys/kern/kern_descrip.c