Date:      Wed, 9 Feb 2005 18:32:10 +0100
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        Colin Percival <cperciva@freebsd.org>
Cc:        cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/sys/kern kern_jail.c src/sys/sys jail.h src/sys/ufs/ufs ufs_vnops.c src/usr.sbin/jail jail.8
Message-ID:  <20050209173210.GX1080@darkness.comp.waw.pl>
In-Reply-To: <420A474A.1050901@freebsd.org>
References:  <200502082131.j18LVBBd031393@repoman.freebsd.org> <20050208215041.GP1080@darkness.comp.waw.pl> <420A474A.1050901@freebsd.org>



On Wed, Feb 09, 2005 at 05:24:26PM +0000, Colin Percival wrote:
+> Pawel Jakub Dawidek wrote:
+> >On Tue, Feb 08, 2005 at 09:31:11PM +0000, Colin Percival wrote:
+> >+>   Add a new sysctl, "security.jail.chflags_allowed", which controls the
+> >+>   behaviour of chflags within a jail.  If set to 0 (the default), then a
+> >+>   jailed root user is treated as an unprivileged user; if set to 1, then
+> >+>   a jailed root user is treated the same as an unjailed root user.
+> >
+> >More than that. It should be allowed in the future by default
+>
+> Don't you think it's better to err on the side of security?  There
+> are certainly times when allowing a jailed user to manipulate system
+> file flags could cause (non-obvious) problems, while any failure
+> caused by an inability to set these flags will be immediately obvious.

I think this behaviour was introduced in RELENG_4 because of the lack of
per-jail securelevels. Now we have those, and I think we should not add
yet another sysctl for jails; securelevel is enough IMHO.

+> Also, I'm planning on MFCing this to RELENG_5, and we definitely don't
+> want the default behaviour to change there.

Sure.

--
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd@FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!
