Diffusion FreeBSD src repository - subversion rS339409

Add a new jail permission, allow.read_msgbuf. When true, jailed processes
rS339409
Actions

Description

Add a new jail permission, allow.read_msgbuf. When true, jailed processes
can see the dmesg buffer (this is the current behavior). When false (the
new default), dmesg will be unavailable to jailed users, whether root or
not.

The security.bsd.unprivileged_read_msgbuf sysctl still works as before,
controlling system-wide whether non-root users can see the buffer.

PR: 211580
Submitted by: bz
Approved by: re@ (kib@)
MFC after: 3 days

Details

Provenance

jamie

Authored on

Parents

rS339408: strptime: fix parsing of tm_year when both %C and %y appear in the

Branches

Unknown

Tags

Unknown

Event Timeline

jamie committed rS339409: Add a new jail permission, allow.read_msgbuf. When true, jailed processes.Oct 17 2018, 4:11 PM

Changes (5)

Path

Size

head/

sys/

kern/

sys/

usr.sbin/

jail/

jail.8

rS339409

View Options

head/sys/kern/kern_jail.c

View Options

head/sys/kern/kern_priv.c

View Options

head/sys/kern/subr_prf.c

View Options

head/sys/sys/jail.h

View Options

Add a new jail permission, allow.read_msgbuf. When true, jailed processesrS339409Actions

Description

Details

Event Timeline

Changes (5)

rS339409

head/sys/kern/kern_jail.c

head/sys/kern/kern_priv.c

head/sys/kern/subr_prf.c

head/sys/sys/jail.h

head/usr.sbin/jail/jail.8

Add a new jail permission, allow.read_msgbuf. When true, jailed processes
rS339409
Actions