diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c
--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@@ -220,6 +220,7 @@
 #ifdef VIMAGE
 	{"allow.nfsd", "allow.nonfsd", PR_ALLOW_NFSD},
 #endif
+	{"allow.extattr", "allow.noextattr", PR_ALLOW_EXTATTR},
 };
 static unsigned pr_allow_all = PR_ALLOW_ALL_STATIC;
 const size_t pr_flag_allow_size = sizeof(pr_flag_allow);
@@ -4059,6 +4060,17 @@
 	case PRIV_VFS_READ_DIR:
 		return (0);
 
+		/*
+		 * Conditionally allow privileged process in the jail to
+		 * manipulate filesystem extended attributes in the system
+		 * namespace.
+		 */
+	case PRIV_VFS_EXTATTR_SYSTEM:
+		if ((cred->cr_prison->pr_allow & PR_ALLOW_EXTATTR) != 0)
+			return (0);
+		else
+			return (EPERM);
+
 		/*
 		 * Conditionnaly allow locking (unlocking) physical pages
 		 * in memory.
@@ -4552,6 +4564,8 @@
 SYSCTL_JAIL_PARAM(_allow, nfsd, CTLTYPE_INT | CTLFLAG_RW,
     "B", "Mountd/nfsd may run in the jail");
 #endif
+SYSCTL_JAIL_PARAM(_allow, extattr, CTLTYPE_INT | CTLFLAG_RW,
+    "B", "Jail may set system-level filesystem extended attributes");
 
 SYSCTL_JAIL_PARAM_SUBNODE(allow, mount, "Jail mount/unmount permission flags");
 SYSCTL_JAIL_PARAM(_allow_mount, , CTLTYPE_INT | CTLFLAG_RW,
diff --git a/sys/sys/jail.h b/sys/sys/jail.h
--- a/sys/sys/jail.h
+++ b/sys/sys/jail.h
@@ -253,7 +253,8 @@
 #define	PR_ALLOW_RESERVED_PORTS		0x00008000
 #define	PR_ALLOW_KMEM_ACCESS		0x00010000	/* reserved, not used yet */
 #define	PR_ALLOW_NFSD			0x00020000
-#define	PR_ALLOW_ALL_STATIC		0x000387ff
+#define	PR_ALLOW_EXTATTR		0x00040000
+#define	PR_ALLOW_ALL_STATIC		0x000787ff
 
 /*
  * PR_ALLOW_DIFFERENCES determines which flags are able to be
diff --git a/usr.sbin/jail/jail.8 b/usr.sbin/jail/jail.8
--- a/usr.sbin/jail/jail.8
+++ b/usr.sbin/jail/jail.8
@@ -23,7 +23,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd August 26, 2023
+.Dd September 1, 2023
 .Dt JAIL 8
 .Os
 .Sh NAME
@@ -642,6 +642,9 @@
 The super-user will be disabled automatically if its parent system has it
 disabled.
 The super-user is enabled by default.
+.It Va allow.extattr
+Allow privileged process in the jail to manipulate filesystem extended
+attributes in the system namespace.
 .El
 .El
 .Pp
@@ -1414,7 +1417,8 @@
 .Xr shutdown 8 ,
 .Xr sysctl 8 ,
 .Xr syslogd 8 ,
-.Xr umount 8
+.Xr umount 8 ,
+.Xr extattr 9
 .Sh HISTORY
 The
 .Nm