On Mon, Feb 21, 2005 at 10:16:56PM +0000, Wojciech A. Koszek wrote: > Hello hackers, > I would like to let you know I've been doing [partial] audit of ioctl() > code. There are some places, which may interest you. These are: > > sys/cam/cam_xpt.c > sys/contrib/ipfilter/netinet/ip_fil.c > sys/contrib/pf/net/pf_ioctl.c > sys/dev/ata/ata-all.c > sys/dev/md/md.c > sys/geom/geom_ctl.c
I would argue that the controlling device are not supposed to be in a jail if you are concerned about something attacking your system with it. At least for FreeBSD 4, MAKEDEV jail doesn't create any of those. Joerg _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
