Hi,

On 10/21/2017 18:55, Allan Jude wrote:
On 2017-10-21 18:45, Steven Hartland wrote:
Personally I hate that idea as I like being able to see all the processes
from the host.

I have a similar hate of Linux containers where you have to jump through
hoops just to see what's really happening on the host.

On Sat, 21 Oct 2017 at 20:29, Allan Jude <allanj...@freebsd.org

Note: this does NOT change root's ability to see the processes in the jail.

It just stops uid 1001 on the host from using the processes owned by uid
1001 in each jail, even in the presence of: security.bsd.see_other_uids=0



I think we'd be doing our users a service by enabling this by default and avoiding the potential foot-shooting. I'd even be happy if we set the other security.bsd.see_other_* to 0 by default. Or at least change the installer to default that way (if it doesn't already? I'm not sure).

Personally, I'm going to do that locally anyway so if we don't do those things, I won't be upset, but saddened for our users' sake.

Note too that security.bsd.see_jail_proc is partially a workaround for the fact that security.bsd.see_other_* doesn't work as you might expect. It's literally the UID/GID, rather than the username, so security.bsd.see_other_* has no idea that the users in the jail are not the same users on the host, which is unexpected and counter-intuitive at best and dangerous at worst. (Even if that were changed, security.bsd.see_jail_proc is still useful for the potential scenario where you don't want/need to set security.bsd.see_other_* but don't want users to see processes in jails.)

Steve
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
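
The visibility rules discussed in this thread, as a simplified model added here for illustration; it is not FreeBSD kernel code and not code from any poster. The `Cred`, `can_see` and `visible` names, the jail names and the process table are constructed, jails are assumed flat (no nesting), and the see_other_gids check is left out.

```python
"""Simplified model of host/jail process visibility (not FreeBSD kernel code)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Cred:
    uid: int
    jail: str = "host"  # "host" = not jailed; jail names below are constructed


def can_see(viewer, target, see_other_uids=1, see_jail_proc=1):
    """True if a process running as `viewer` may see one running as `target`."""
    # A jailed viewer never sees outside its own jail (flat jails assumed).
    if viewer.jail != "host" and viewer.jail != target.jail:
        return False
    # Root is exempt from both knobs in this model.
    if viewer.uid == 0:
        return True
    # see_other_uids=0 compares numeric UIDs only; it knows nothing about jails.
    if not see_other_uids and viewer.uid != target.uid:
        return False
    # see_jail_proc=0 hides processes that live in a different jail.
    if not see_jail_proc and viewer.jail != target.jail:
        return False
    return True


# Constructed process table: (name, owner credential).
PROCS = [
    ("sshd", Cred(0)),
    ("vim", Cred(1001)),
    ("nginx", Cred(1001, "www")),
    ("postgres", Cred(770, "db")),
    ("cron", Cred(1001, "db")),
]


def visible(viewer, **knobs):
    """Names of the sample processes `viewer` can see under the given knobs."""
    return [name for name, owner in PROCS if can_see(viewer, owner, **knobs)]


if __name__ == "__main__":
    host_user = Cred(1001)
    for knobs in ({}, {"see_other_uids": 0}, {"see_other_uids": 0, "see_jail_proc": 0}):
        print(knobs or "defaults", "->", visible(host_user, **knobs))
    print("host root, both 0 ->", visible(Cred(0), see_other_uids=0, see_jail_proc=0))
```

With only see_other_uids=0, host uid 1001 still sees the uid 1001 processes inside both jails; adding see_jail_proc=0 removes them while host root keeps the full view.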
