svn commit: r255316 - head/sys/kern
Gleb Smirnoff
glebius at FreeBSD.org
Sat Sep 7 07:03:15 UTC 2013
Jamie,
On Fri, Sep 06, 2013 at 12:59:06PM -0600, Jamie Gritton wrote:
J> > J> +
J> > J> + /*
J> > J> + * As in the non-jail case, non-root users are expected to be
J> > J> + * able to read kernel/phyiscal memory (provided /dev/[k]mem
J> > J> + * exists in the jail and they have permission to access it).
J> > J> + */
J> > J> + case PRIV_KMEM_READ:
J> > J> return (0);
J> > J>
J> > J> /*
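Review bot: the new "case PRIV_KMEM_READ:" falls through to an unconditional "return (0);", so the privilege is granted to every jail with no jail-side condition. By the comment's own wording, the only remaining controls are whether /dev/[k]mem exists in the jail and the file permissions on it. The comment should state explicitly that exposure of the device node is the sole boundary for kernel memory reads from a jail, or the case should be gated on a per-jail setting instead of being granted to all jails. The comment also misspells "physical" as "phyiscal".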
J> >
J> > Was that discussed anywhere or reviewed by anyone?
J>
J> Yes, it was brought up by jase@ in src-committers last week, noting that
J> my original PRIV_KMEM_* commit (r252841) broke existing jail behavior.
J> The entire "discussion" was the mention of the problem and my mention of
J> what it would take to fix it. There was no code review as such, but that
J> seemed appropriate for an obvious one-liner.
I'm sorry then.
Does that mean that we have always had the ability for a jail-root to
investigate kernel memory?
--
Totus tuus, Glebius.