cvs commit: src/sys/sys jail.h src/sys/kern kern_jail.c
vfs_syscalls.c
Bjoern A. Zeeb
bz at zabbadoz.net
Sat Feb 14 10:46:31 PST 2004
On Sat, 14 Feb 2004, Robert Watson wrote:
> rwatson 2004/02/14 10:31:12 PST
>
> FreeBSD src repository
>
> Modified files:
> sys/sys jail.h
> sys/kern kern_jail.c vfs_syscalls.c
> Log:
> By default, when a process in jail calls getfsstat(), only return the
> data for the file system on which the jail's root vnode is located.
> Previous behavior (show data for all mountpoints) can be restored
> by setting security.jail.getfsstatroot_only to 0. Note: this also
> has the effect of hiding other mounts inside a jail, such as /dev,
> /tmp, and /proc, but errs on the side of leaking less information.
>
> Revision Changes Path
> 1.36 +20 -0 src/sys/kern/kern_jail.c
> 1.337 +8 -0 src/sys/kern/vfs_syscalls.c
> 1.20 +3 -0 src/sys/sys/jail.h
please have a look at
http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/49085
--
Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT
56 69 73 69 74 http://www.zabbadoz.net/
More information about the cvs-src
mailing list