svn commit: r191598 - in releng/7.2: usr.bin/cpuset usr.sbin/jail
Christian Brueffer
brueffer at FreeBSD.org
Mon Apr 27 20:38:28 UTC 2009
Author: brueffer
Date: Mon Apr 27 20:38:27 2009
New Revision: 191598
URL: http://svn.freebsd.org/changeset/base/191598
Log:
Document an issue of jail(8) in conjunction with cpuset(1).
Problem reported by: Miroslav Lachman <000.fbsd at quip.cz>
Reviewed by: bz
Approved by: re (kib)
Modified:
releng/7.2/usr.bin/cpuset/cpuset.1
releng/7.2/usr.sbin/jail/jail.8
Modified: releng/7.2/usr.bin/cpuset/cpuset.1
==============================================================================
--- releng/7.2/usr.bin/cpuset/cpuset.1 Mon Apr 27 20:23:22 2009 (r191597)
+++ releng/7.2/usr.bin/cpuset/cpuset.1 Mon Apr 27 20:38:27 2009 (r191598)
@@ -177,3 +177,9 @@ command first appeared in
.Fx 7.1 .
.Sh AUTHORS
.An Jeffrey Roberson Aq jeff at FreeBSD.org
+.Sh BUGS
+At the moment it is possible for a superuser inside a
+.Xr jail 8
+to modify the root
+.Xr cpuset 2
+of that jail.
Modified: releng/7.2/usr.sbin/jail/jail.8
==============================================================================
--- releng/7.2/usr.sbin/jail/jail.8 Mon Apr 27 20:23:22 2009 (r191597)
+++ releng/7.2/usr.sbin/jail/jail.8 Mon Apr 27 20:38:27 2009 (r191598)
@@ -699,3 +699,9 @@ Currently, the simplest answer is to min
offered on the host, possibly limiting it to services offered from
.Xr inetd 8
which is easily configurable.
+.Pp
+At the moment it is possible for a superuser inside a
+.Nm
+to modify the root
+.Xr cpuset 2
+of that jail.
More information about the svn-src-all
mailing list