Author: brueffer Date: Mon Apr 27 20:38:27 2009 New Revision: 191598 URL: http://svn.freebsd.org/changeset/base/191598
Log: Document an issue of jail(8) in conjunction with cpuset(1). Problem reported by: Miroslav Lachman <000.f...@quip.cz> Reviewed by: bz Approved by: re (kib) Modified: releng/7.2/usr.bin/cpuset/cpuset.1 releng/7.2/usr.sbin/jail/jail.8 Modified: releng/7.2/usr.bin/cpuset/cpuset.1 ============================================================================== --- releng/7.2/usr.bin/cpuset/cpuset.1 Mon Apr 27 20:23:22 2009 (r191597) +++ releng/7.2/usr.bin/cpuset/cpuset.1 Mon Apr 27 20:38:27 2009 (r191598) @@ -177,3 +177,9 @@ command first appeared in .Fx 7.1 . .Sh AUTHORS .An Jeffrey Roberson Aq j...@freebsd.org +.Sh BUGS +At the moment it is possible for a superuser inside a +.Xr jail 8 +to modify the root +.Xr cpuset 2 +of that jail. Modified: releng/7.2/usr.sbin/jail/jail.8 ============================================================================== --- releng/7.2/usr.sbin/jail/jail.8 Mon Apr 27 20:23:22 2009 (r191597) +++ releng/7.2/usr.sbin/jail/jail.8 Mon Apr 27 20:38:27 2009 (r191598) @@ -699,3 +699,9 @@ Currently, the simplest answer is to min offered on the host, possibly limiting it to services offered from .Xr inetd 8 which is easily configurable. +.Pp +At the moment it is possible for a superuser inside a +.Nm +to modify the root +.Xr cpuset 2 +of that jail. _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
