svn commit: r261266 - in head: sys/dev/drm sys/kern sys/sys usr.sbin/jail
James Gritton
jamie at freebsd.org
Wed Jan 29 13:54:06 UTC 2014
It does. I included a warning in jail.8 that this will pretty much
undo jail security. There are still reasons some may want to do this,
but it's definitely not for everyone or even most people.
- Jamie
On 1/29/2014 6:43 AM, Gleb Smirnoff wrote:
> On Wed, Jan 29, 2014 at 01:41:13PM +0000, Jamie Gritton wrote:
> J> Author: jamie
> J> Date: Wed Jan 29 13:41:13 2014
> J> New Revision: 261266
> J> URL: http://svnweb.freebsd.org/changeset/base/261266
> J>
> J> Log:
> J> Add a jail parameter, allow.kmem, which lets jailed processes access
> J> /dev/kmem and related devices (i.e. grants PRIV_IO and PRIV_KMEM_WRITE).
> J> This in conjunction with changing the drm driver's permission check from
> J> PRIV_DRIVER to PRIV_KMEM_WRITE will allow a jailed Xorg server.
> J>
> J> Submitted by: netchild
>
> Doesn't this allow to easily unjail self? :)
More information about the svn-src-all
mailing list