From owner-freebsd-bugs@FreeBSD.ORG  Tue Nov 27 01:42:07 2012
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
 by hub.freebsd.org (Postfix) with ESMTP id D465B1EE
 for <freebsd-bugs@freebsd.org>; Tue, 27 Nov 2012 01:42:07 +0000 (UTC)
 (envelope-from mjguzik@gmail.com)
Received: from mail-we0-f182.google.com (mail-we0-f182.google.com
 [74.125.82.182])
 by mx1.freebsd.org (Postfix) with ESMTP id 5AA518FC0C
 for <freebsd-bugs@freebsd.org>; Tue, 27 Nov 2012 01:42:06 +0000 (UTC)
Received: by mail-we0-f182.google.com with SMTP id u54so4985268wey.13
 for <freebsd-bugs@freebsd.org>; Mon, 26 Nov 2012 17:42:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=date:from:to:subject:message-id:mime-version:content-type
 :content-disposition:user-agent;
 bh=qe8CjFNeucq5/ZHK5k4TCxZnz7HqqDUwUv20yfS0YHk=;
 b=GhHj3GPQ0aj2RueKAsbVY7bYViZoThn6LoZ2iLLbRgP4p1ZHNXj1/e++7ZqF923/fb
 7DFfvAWYpVdUoLd8sgMnHVZHxHbQ/6MKh7UzE/OUkx/sDQxN+UIcJxHhuT4A+0r/rQtA
 lWrcUdwAYAhBe6SNLbrdja6U0qnkGgkmZMI63fEJ+/Y6VfYfZdmKdCC9/H+fi0eyizBc
 Wy6L9jT+WNJfnK2Y156JmqzjtBySdqrNcbPZrXTlj6HBZGyKxcumGEy8nu6DLXTpAF3L
 o/AaU89e6KMWIfUn7CBTOsaolb1eGgClxzdiIlfhv50whqIy1SgjV6du15nJr/1OoEst
 304g==
Received: by 10.180.105.105 with SMTP id gl9mr39023wib.17.1353980525924;
 Mon, 26 Nov 2012 17:42:05 -0800 (PST)
Received: from dft-labs.eu (n1x0n-1-pt.tunnel.tserv5.lon1.ipv6.he.net.
 [2001:470:1f08:1f7::2])
 by mx.google.com with ESMTPS id e6sm496699wiy.4.2012.11.26.17.42.04
 (version=TLSv1/SSLv3 cipher=OTHER);
 Mon, 26 Nov 2012 17:42:04 -0800 (PST)
Date: Tue, 27 Nov 2012 02:42:02 +0100
From: Mateusz Guzik <mjguzik@gmail.com>
To: freebsd-bugs@FreeBSD.org
Subject: Re: kern/21463: [linux] Linux compatability mode should not allow
 setuid programs
Message-ID: <20121127014201.GA9060@dft-labs.eu>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
User-Agent: Mutt/1.5.20 (2009-06-14)
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Nov 2012 01:42:08 -0000

Hi,

I think we should go a step futher and get per-jail support for
enabling/disabling Linux compatibility support, possibly along with the
ability to control sugid programs.

I don't have time to work on this at the moment though.

-- 
Mateusz Guzik <mjguzik gmail.com>