Closing information leaks in jails?
Pawel Jakub Dawidek
pjd at FreeBSD.org
Fri Aug 19 13:10:39 GMT 2005
On Thu, Aug 18, 2005 at 05:18:30PM +0200, Benjamin Lutz wrote:
+> > - full dmesg output after boot and the kernel buffer when it overflows
+> > (can contain sensitive information)
+>
+> If it's sensitive in so far as it endangers the privacy of local
+> non-jailed users, I think that's a bug that'd need fixing.
sysctl security.bsd.unprivileged_read_msgbuf=0
--
Pawel Jakub Dawidek http://www.wheel.pl
pjd at FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20050819/b979c52d/attachment.bin
More information about the freebsd-security
mailing list