PERFORCE change 108138 for review

Thu Oct 19 17:32:40 PDT 2006

http://perforce.freebsd.org/chv.cgi?CH=108138

Change 108138 by rwatson at rwatson_zoo on 2006/10/20 00:32:17

	Do allow System V IPC and POSIX message queue privileges in Jail.

Affected files ...

.. //depot/projects/trustedbsd/priv/sys/kern/kern_jail.c#8 edit

Differences ...

==== //depot/projects/trustedbsd/priv/sys/kern/kern_jail.c#8 (text+ko) ====

@@ -592,12 +592,12 @@
 		 * The following privileges should be granted to jail once
 		 * implemented.
 		 */
-	/* case PRIV_IPC_READ: */
-	/* case PRIV_IPC_WRITE: */
-	/* case PRIV_IPC_EXEC: */
-	/* case PRIV_IPC_ADMIN: */
-	/* case PRIV_IPC_MSGSIZE: */
-	/* case PRIV_MQ_ADMIN: */
+	case PRIV_IPC_READ:
+	case PRIV_IPC_WRITE:
+	case PRIV_IPC_EXEC:
+	case PRIV_IPC_ADMIN:
+	case PRIV_IPC_MSGSIZE:
+	case PRIV_MQ_ADMIN:
 
 		/*
 		 * Jail implements its own inter-process limits, so allow
