[Bug 211580] deny system message buffer access from jails

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Thu Aug 4 15:26:08 UTC 2016


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211580

            Bug ID: 211580
           Summary: deny system message buffer access from jails
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: bz at FreeBSD.org

We should prevent jails from being able to read the kernel message buffer (deny
dmesg).  That seems to currently be possible...

root@:/ # sysctl -a | grep jailed
security.jail.jailed: 1
root@:/ # dmesg | wc -l
    1771
root@:/ #

-- 
You are receiving this mail because:
You are the assignee for the bug.


More information about the freebsd-bugs mailing list