jail and chflags [patch]
Pawel Jakub Dawidek
pjd at FreeBSD.org
Sat May 15 13:04:06 PDT 2004
On Sat, May 15, 2004 at 07:52:15PM +0200, Pawel Jakub Dawidek wrote:
+> On Fri, May 14, 2004 at 05:25:16PM -0700, Julian Elischer wrote:
+> +> in fact experimentation in -current shows this to be correct..
+> +> in a jail:
+> +>
+> +> xxx# chflags noschg libthr.so.1
+> +> xxx# ls -lo libthr.so.1
+> +> -r--r--r-- 1 root wheel - 611568 May 15 00:02 libthr.so.1
+> +> xxx# chflags schg libthr.so.1
+> +> xxx# ls -lo libthr.so.1
+> +> -r--r--r-- 1 root wheel schg 611568 May 15 00:02 libthr.so.1
+> +> xxx#
+> +>
+> +> comments? yeahs? neys?
+>
+> Whoa! This looks very serious.
Ok, false alarm:) After discussion with rwatson@ and cperciva@, it looks
that changing those flags is permitted due to per-jail securelevels,
which were intruduced in 5.x.
--
Pawel Jakub Dawidek http://www.FreeBSD.org
pjd at FreeBSD.org http://garage.freebsd.pl
FreeBSD committer Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-current/attachments/20040515/a6234ec0/attachment.bin
More information about the freebsd-current
mailing list