Re: kern/174104: security.jail.param does not reflect actual jail perms

emaste Tue, 04 Dec 2012 06:31:49 -0800

Synopsis: security.jail.param does not reflect actual jail perms

Responsible-Changed-From-To: freebsd-bugs->emaste
Responsible-Changed-By: emaste
Responsible-Changed-When: Tue Dec 4 14:26:51 UTC 2012
Responsible-Changed-Why: 
Assign to myself for tracking.


This stuff is rather opaque and poorly documented, but it does appear to
function.

There are two sysctls associated with each of these parameters - e.g.:

security.jail.param.allow.mount.nullfs:
    Jail may mount the nullfs file system

security.jail.mount_nullfs_allowed:
    Processes in jail can mount the nullfs file system

The non-param one inside the jail tracks modifications from jail -m
modifications done by the host.


http://www.freebsd.org/cgi/query-pr.cgi?pr=174104
_______________________________________________
freebsd-bugs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

Re: kern/174104: security.jail.param does not reflect actual jail perms

Reply via email to