On 2017-05-23 12:59, Steve Wills wrote: > Author: swills (ports committer) > Date: Tue May 23 16:59:24 2017 > New Revision: 318751 > URL: https://svnweb.freebsd.org/changeset/base/318751 > > Log: > Add security.bsd.see_jail_proc > > Add security.bsd.see_jail_proc sysctl to hide jail processes from non-root > users > > Reviewed by: jamie > Approved by: allanjude > Relnotes: yes > Differential Revision: https://reviews.freebsd.org/D10770 > I user was asking about this issue on IRC today.
I think I have changed my mind a bit. I think we should make the default be off (so you can't see processes in a jail from the host) by default in 12. And that we should MFC this sysctl to stable/11, but not change the default behaviour there. Anyone else have thoughts? -- Allan Jude
signature.asc
Description: OpenPGP digital signature
