svn commit: r318751 - in head/sys: kern sys
Allan Jude
allanjude at freebsd.org
Sat Oct 21 19:29:34 UTC 2017
On 2017-05-23 12:59, Steve Wills wrote:
> Author: swills (ports committer)
> Date: Tue May 23 16:59:24 2017
> New Revision: 318751
> URL: https://svnweb.freebsd.org/changeset/base/318751
>
> Log:
> Add security.bsd.see_jail_proc
>
> Add security.bsd.see_jail_proc sysctl to hide jail processes from non-root
> users
>
> Reviewed by: jamie
> Approved by: allanjude
> Relnotes: yes
> Differential Revision: https://reviews.freebsd.org/D10770
>
I user was asking about this issue on IRC today.
I think I have changed my mind a bit.
I think we should make the default be off (so you can't see processes in
a jail from the host) by default in 12.
And that we should MFC this sysctl to stable/11, but not change the
default behaviour there.
Anyone else have thoughts?
--
Allan Jude
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 834 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/svn-src-head/attachments/20171021/c346c2af/attachment.sig>
More information about the svn-src-head
mailing list