Re: svn commit: r318751 - in head/sys: kern sys

2017-10-23 Thread Konstantin Belousov
On Mon, Oct 23, 2017 at 09:31:42AM -0400, Steve Wills wrote: > Hi, > > On 10/21/2017 18:55, Allan Jude wrote: > > On 2017-10-21 18:45, Steven Hartland wrote: > >> Personally I hate that idea as like being able to see all the processes > >> from the host. > >> > >> I have a similar hate of Linux co

Re: svn commit: r318751 - in head/sys: kern sys

2017-10-23 Thread Benjamin Kaduk
On Mon, Oct 23, 2017 at 8:31 AM, Steve Wills wrote: > > Note too that security.bsd.see_jail_proc is partially a work around for > the fact that security.bsd.see_other_* doesn't work as you might expect. > It's literally the UID/GID, rather than the username, so > security.bsd.see_other_* has no i

Re: svn commit: r318751 - in head/sys: kern sys

2017-10-23 Thread Steve Wills
Hi, On 10/21/2017 18:55, Allan Jude wrote: On 2017-10-21 18:45, Steven Hartland wrote: Personally I hate that idea as like being able to see all the processes from the host. I have a similar hate of Linux containers where you have to jump though hoops just to see whats really happening on the

Re: svn commit: r318751 - in head/sys: kern sys

2017-10-21 Thread Allan Jude
On 2017-10-21 18:45, Steven Hartland wrote: > Personally I hate that idea as like being able to see all the processes > from the host. > > I have a similar hate of Linux containers where you have to jump though > hoops just to see whats really happening on the host. > > On Sat, 21 Oct 2017 at 20:

Re: svn commit: r318751 - in head/sys: kern sys

2017-10-21 Thread Steven Hartland
Personally I hate that idea as like being able to see all the processes from the host. I have a similar hate of Linux containers where you have to jump though hoops just to see whats really happening on the host. On Sat, 21 Oct 2017 at 20:29, Allan Jude wrote: > On 2017-05-23 12:59, Steve Wills

Re: svn commit: r318751 - in head/sys: kern sys

2017-10-21 Thread Allan Jude
On 2017-05-23 12:59, Steve Wills wrote: > Author: swills (ports committer) > Date: Tue May 23 16:59:24 2017 > New Revision: 318751 > URL: https://svnweb.freebsd.org/changeset/base/318751 > > Log: > Add security.bsd.see_jail_proc > > Add security.bsd.see_jail_proc sysctl to hide jail process

svn commit: r318751 - in head/sys: kern sys

2017-05-23 Thread Steve Wills
Author: swills (ports committer) Date: Tue May 23 16:59:24 2017 New Revision: 318751 URL: https://svnweb.freebsd.org/changeset/base/318751 Log: Add security.bsd.see_jail_proc Add security.bsd.see_jail_proc sysctl to hide jail processes from non-root users Reviewed by: jamie Approv