CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit
author rwatson <rwatson@FreeBSD.org>
Tue, 31 Oct 2000 01:34:00 +0000 (01:34 +0000)
committer rwatson <rwatson@FreeBSD.org>
Tue, 31 Oct 2000 01:34:00 +0000 (01:34 +0000)
commit e1bb04b4d38e6ec7620efea36cb2e8a7c68390a3
tree 997462626f7687a9313713167612f39d8dec1084
parent 44bd1e3405849fed4c24b6701de82eb9d1a5906f

o Deny access to System V IPC from within jail by default, as in the
  current implementation, jail neither virtualizes the Sys V IPC namespace,
  nor provides inter-jail protections on IPC objects.
o Support for System V IPC can be enabled by setting jail.sysvipc_allowed=1
  using sysctl.
o This is not the "real fix" which involves virtualizing the System V
  IPC namespace, but prevents processes within jail from influencing those
  outside of jail when not approved by the administrator.

Reported by: Paulo Fragoso <paulo@nlink.com.br>
sys/kern/kern_jail.c
sys/kern/sysv_msg.c
sys/kern/sysv_sem.c
sys/kern/sysv_shm.c
sys/sys/jail.h
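
The behaviour the commit message describes, as an added userland model (not the FreeBSD kernel code from this commit): one global key table shared by the host and every jail, with a default-deny gate in front of it. The function names, the jail-id convention (0 = host) and the `ENOSYS` return value are assumptions made for the illustration.

```c
/* Constructed userland model; not code from the FreeBSD source tree. */
#include <errno.h>
#include <stdio.h>

#define MAXSEG 8

struct seg { int used; long key; int owner_jail; };

/* One table for the whole system: the namespace is not virtualized per jail. */
static struct seg segs[MAXSEG];

/* Models the jail.sysvipc_allowed sysctl; 0 is the default the commit sets. */
static int jail_sysvipc_allowed = 0;

void model_set_allowed(int v) { jail_sysvipc_allowed = v; }

/* Gate applied before any IPC lookup. jail_id 0 = host (assumed convention). */
static int ipc_gate(int jail_id)
{
    if (jail_id != 0 && !jail_sysvipc_allowed)
        return ENOSYS;              /* assumed errno for a denied call */
    return 0;
}

/* shmget-like lookup: returns a segment id, or a negative errno. */
int model_shmget(int jail_id, long key, int create)
{
    int err = ipc_gate(jail_id), free_slot = -1;
    if (err)
        return -err;
    for (int i = 0; i < MAXSEG; i++) {
        /* owner_jail is never compared: no inter-jail protection on objects. */
        if (segs[i].used && segs[i].key == key)
            return i;
        if (!segs[i].used && free_slot < 0)
            free_slot = i;
    }
    if (!create)
        return -ENOENT;
    if (free_slot < 0)
        return -ENOSPC;
    segs[free_slot] = (struct seg){ .used = 1, .key = key, .owner_jail = jail_id };
    return free_slot;
}

int main(void)
{
    int host = model_shmget(0, 0x1234, 1);           /* host creates a segment */
    printf("host id=%d, jail 1 by default=%d\n", host, model_shmget(1, 0x1234, 0));
    model_set_allowed(1);                            /* administrator opts in */
    printf("jail 1 after opt-in=%d\n", model_shmget(1, 0x1234, 0));
    return 0;
}
```

With the gate opened, any jail that knows the key resolves it to the same object as the host, which is the exposure the default-deny setting closes.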