svn commit: r306452 - head/sys/kern
Allan Jude
allanjude at FreeBSD.org
Thu Sep 29 16:29:51 UTC 2016
Author: allanjude
Date: Thu Sep 29 16:29:49 2016
New Revision: 306452
URL: https://svnweb.freebsd.org/changeset/base/306452
Log:
Allow reading the following sysctl MIBs in capability mode:
kern.hostname, kern.domainname, and kern.hostuuid
This allows sandboxed applications to read these sysctls
Submitted by: cem (original version)
Reviewed by: cem, jonathan, rwatson (original version)
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D8015
Modified:
head/sys/kern/kern_mib.c
Modified: head/sys/kern/kern_mib.c
==============================================================================
--- head/sys/kern/kern_mib.c Thu Sep 29 14:35:32 2016 (r306451)
+++ head/sys/kern/kern_mib.c Thu Sep 29 16:29:49 2016 (r306452)
@@ -316,15 +316,15 @@ sysctl_hostname(SYSCTL_HANDLER_ARGS)
}
SYSCTL_PROC(_kern, KERN_HOSTNAME, hostname,
- CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE,
+ CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_CAPRD | CTLFLAG_MPSAFE,
(void *)(offsetof(struct prison, pr_hostname)), MAXHOSTNAMELEN,
sysctl_hostname, "A", "Hostname");
SYSCTL_PROC(_kern, KERN_NISDOMAINNAME, domainname,
- CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE,
+ CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_CAPRD | CTLFLAG_MPSAFE,
(void *)(offsetof(struct prison, pr_domainname)), MAXHOSTNAMELEN,
sysctl_hostname, "A", "Name of the current YP/NIS domain");
SYSCTL_PROC(_kern, KERN_HOSTUUID, hostuuid,
- CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE,
+ CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_CAPRD | CTLFLAG_MPSAFE,
(void *)(offsetof(struct prison, pr_hostuuid)), HOSTUUIDLEN,
sysctl_hostname, "A", "Host UUID");
More information about the svn-src-head
mailing list