On Mon, 2015-03-02 at 01:02 -0800, Julian Elischer wrote: > On 2/27/15 8:28 AM, Ian Lepore wrote: > > > > > Log: > > Allow the kern.osrelease and kern.osreldate sysctl values to be set in a > > jail's creation parameters. This allows the kernel version to be > > reliably > > spoofed within the jail whether examined directly with sysctl or > > indirectly with the uname -r and -K options. > > [..] > > > There is no sanity or range checking, other than disallowing an empty > > release string or a zero release date, by design. The system > > administrator is trusted to set sane values. Setting values that are > > newer than the actual running kernel will likely cause compatibility > > problems. > > > I would think that you could at set time ensure that only older > releases were allowed.. > I'm not sure what the rule would be with sub-sub-jails.. older than > parent, or older than base system..? > >
I am a really really strong believer in giving administrators complete control of their systems. If they want to do "something stupid" because it works for them, I'm not going to stop them. -- Ian _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
