On 29. Feb 2012, at 00:30 , Martin Matuska wrote: > Author: mm > Date: Wed Feb 29 00:30:18 2012 > New Revision: 232278 > URL: http://svn.freebsd.org/changeset/base/232278 > > Log: > Add procfs to jail-mountable filesystems. >
The man page lacks a .Dd update? I also think this one should come with a very big red warning in the man page that you can easily compromise your host security I fear unless things changed in "proc" land. > Reviewed by: jamie > MFC after: 1 week > > Modified: > head/sys/compat/linprocfs/linprocfs.c > head/sys/compat/linsysfs/linsysfs.c > head/sys/fs/procfs/procfs.c > head/sys/fs/pseudofs/pseudofs.h > head/sys/kern/kern_jail.c > head/sys/sys/jail.h > head/usr.sbin/jail/jail.8 .. > Modified: head/usr.sbin/jail/jail.8 > ============================================================================== > --- head/usr.sbin/jail/jail.8 Tue Feb 28 23:30:19 2012 (r232277) > +++ head/usr.sbin/jail/jail.8 Wed Feb 29 00:30:18 2012 (r232278) > @@ -428,6 +428,14 @@ This permission is effective only togeth > and if > .Va enforce_statfs > is set to a value lower than 2. > +.It Va allow.mount.procfs > +privileged users inside the jail will be able to mount and unmount the > +procfs file system. > +This permission is effective only together with > +.Va allow.mount > +and if > +.Va enforce_statfs > +is set to a value lower than 2. > .It Va allow.mount.zfs > privileged users inside the jail will be able to mount and unmount the > ZFS file system. -- Bjoern A. Zeeb You have to have visions! It does not matter how good you are. It matters what good you do! _______________________________________________ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
