[HACKERS] semaphore usage "port based"?
Kris Kennaway
kris at obsecurity.org
Mon Apr 3 03:21:31 UTC 2006
On Sun, Apr 02, 2006 at 11:17:49PM -0400, Tom Lane wrote:
> Kris Kennaway <kris at obsecurity.org> writes:
> > On Sun, Apr 02, 2006 at 11:08:11PM -0400, Tom Lane wrote:
> >> If this is the story, then FBSD have broken their system and must revert
> >> their change. They do not have kernel behavior that totally hides the
> >> existence of the other process, and therefore having some calls that
> >> pretend it's not there is simply inconsistent.
>
> > I'm guessing it's a deliberate change to prevent the information
> > leakage between jails.
>
> I have no objection to doing that, so long as you are actually doing it
> correctly. This example shows that each jail must have its own SysV
> semaphore key space, else information leaks anyway.
By default SysV shared memory is disallowed in jails.
Kris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20060403/4955f149/attachment.pgp
More information about the freebsd-stable
mailing list