cvs commit: src/sys/kern kern_jail.c
Pawel Jakub Dawidek
pjd at FreeBSD.org
Sun Feb 15 08:39:07 PST 2004
On Sun, Feb 15, 2004 at 08:34:21AM -0800, Julian Elischer wrote:
+> > How about we wait three weeks and see if anyone complains on
+> > freebsd-current about the loss of functionality -- if no one says
+> > anything, we remove the sysctl?
+>
+> In scripts I use the fact that "df /" in a jail returns the size of
+> some other filesystem to see if I'm in a jail.
+> I've asked before for a simple sysctl to let me know if I'm in a jail
+> but the response was generally -ve..
+> you sometimes need to be able to know you are in a jail so that you can
+> know not to attempt things that are not permitted in jails..
+> (e.g. pings, or ifconfig'ing network interfaces)
security.jail.jailed?
Yes, it is important sometimes. With such sysctl we will be able to teach
our start scripts to respect it.
--
Pawel Jakub Dawidek http://www.FreeBSD.org
pjd at FreeBSD.org http://garage.freebsd.pl
FreeBSD committer Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/cvs-src/attachments/20040215/298651e7/attachment.bin
More information about the cvs-src
mailing list