Jail sysctls and new flags to sysctls.
Pawel Jakub Dawidek
nick at garage.freebsd.pl
Thu Jul 17 15:26:31 PDT 2003
On Thu, Jul 17, 2003 at 06:07:48PM +0200, Pawel Jakub Dawidek wrote:
+> Patch add also two flags to sysctls:
+> CTLFLAG_USERINV - sysctl is invisible for unprivileged users
+> CTLFLAG_JAILINV - sysctl is invisible in jail environment
Note, that things like security.bsd.unprivileged_read_msgbuf (protecting
two sysctls from reading) could be made in general way with those flags
and any sysctl or sysctls node could be protected with them.
--
Pawel Jakub Dawidek pawel at dawidek.net
UNIX Systems Programmer/Administrator http://garage.freebsd.pl
Am I Evil? Yes, I Am! http://cerber.sourceforge.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20030718/9dbb4186/attachment.bin
More information about the freebsd-hackers
mailing list