svn commit: r279361 - in head: sys/kern sys/sys usr.sbin/jail
Julian Elischer
julian at freebsd.org
Mon Mar 2 09:02:37 UTC 2015
On 2/27/15 8:28 AM, Ian Lepore wrote:
>
> Log:
> Allow the kern.osrelease and kern.osreldate sysctl values to be set in a
> jail's creation parameters. This allows the kernel version to be reliably
> spoofed within the jail whether examined directly with sysctl or
> indirectly with the uname -r and -K options.
> [..]
> There is no sanity or range checking, other than disallowing an empty
> release string or a zero release date, by design. The system
> administrator is trusted to set sane values. Setting values that are
> newer than the actual running kernel will likely cause compatibility
> problems.
>
I would think that you could at set time ensure that only older
releases were allowed..
I'm not sure what the rule would be with sub-sub-jails.. older than
parent, or older than base system..?
More information about the svn-src-all
mailing list