From owner-svn-src-head@freebsd.org Sat Oct 21 22:55:40 2017 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D4045E3C4A8; Sat, 21 Oct 2017 22:55:40 +0000 (UTC) (envelope-from allanjude@freebsd.org) Received: from mx1.scaleengine.net (mx1.scaleengine.net [209.51.186.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id AA9136E6ED; Sat, 21 Oct 2017 22:55:40 +0000 (UTC) (envelope-from allanjude@freebsd.org) Received: from [10.1.1.2] (unknown [209.51.186.28]) (Authenticated sender: allanjude.freebsd@scaleengine.com) by mx1.scaleengine.net (Postfix) with ESMTPSA id CBCCA133C0; Sat, 21 Oct 2017 22:55:38 +0000 (UTC) Subject: Re: svn commit: r318751 - in head/sys: kern sys To: Steven Hartland , Steve Wills , src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org References: <201705231659.v4NGxOB8013882@repo.freebsd.org> From: Allan Jude Message-ID: <96e0c0bc-eb9c-2ffa-9216-88678d0e8730@freebsd.org> Date: Sat, 21 Oct 2017 18:55:34 -0400 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="vFwxUcvivvD2ITOrruoMDvRPtSs8gM853" X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Oct 2017 22:55:41 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --vFwxUcvivvD2ITOrruoMDvRPtSs8gM853 Content-Type: multipart/mixed; boundary="8Xp2jf0tca3I9Jr5Uw22UMCA17XsgC2al"; protected-headers="v1" From: Allan Jude To: Steven Hartland , Steve Wills , src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Message-ID: <96e0c0bc-eb9c-2ffa-9216-88678d0e8730@freebsd.org> Subject: Re: svn commit: r318751 - in head/sys: kern sys References: <201705231659.v4NGxOB8013882@repo.freebsd.org> In-Reply-To: --8Xp2jf0tca3I9Jr5Uw22UMCA17XsgC2al Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 2017-10-21 18:45, Steven Hartland wrote: > Personally I hate that idea as like being able to see all the processes= > from the host. >=20 > I have a similar hate of Linux containers where you have to jump though= > hoops just to see whats really happening on the host. >=20 > On Sat, 21 Oct 2017 at 20:29, Allan Jude > wrote: >=20 > On 2017-05-23 12:59, Steve Wills wrote: > > Author: swills (ports committer) > > Date: Tue May 23 16:59:24 2017 > > New Revision: 318751 > > URL: https://svnweb.freebsd.org/changeset/base/318751 > > > > Log: > >=C2=A0 =C2=A0Add security.bsd.see_jail_proc > > > >=C2=A0 =C2=A0Add security.bsd.see_jail_proc sysctl to hide jail pr= ocesses > from non-root > >=C2=A0 =C2=A0users > > > >=C2=A0 =C2=A0Reviewed by:=C2=A0 =C2=A0 =C2=A0 =C2=A0 jamie > >=C2=A0 =C2=A0Approved by:=C2=A0 =C2=A0 =C2=A0 =C2=A0 allanjude > >=C2=A0 =C2=A0Relnotes:=C2=A0 =C2=A0yes > >=C2=A0 =C2=A0Differential Revision:=C2=A0 =C2=A0 =C2=A0 https://re= views.freebsd.org/D10770 > > > I user was asking about this issue on IRC today. >=20 > I think I have changed my mind a bit. >=20 > I think we should make the default be off (so you can't see process= es in > a jail from the host) by default in 12. >=20 > And that we should MFC this sysctl to stable/11, but not change the= > default behaviour there. >=20 > Anyone else have thoughts? >=20 > -- > Allan Jude >=20 Note: this does NOT change root's ability to see the processes in the jai= l. I just stops uid 1001 on the host, from using the processes owned by uid 1001 in each jail, even in the presence of: security.bsd.see_other_uids=3D= 0 --=20 Allan Jude --8Xp2jf0tca3I9Jr5Uw22UMCA17XsgC2al-- --vFwxUcvivvD2ITOrruoMDvRPtSs8gM853 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQIcBAEBAgAGBQJZ69BpAAoJEBmVNT4SmAt+WlcQAJqY8JjmmRdNCFgE5fNKwjyc Lvur8LvuNljn0R8v8CRDHdUdWaLBN82T7B8mztLmyuCTCl6HHgE5dKzzHcA7/Arb PPqoXMsN4rBkVKDbuWcbhRSAsZf1EQpUT7BHQLSPt9MyNmlUR+e55/LpbKNhRi3s nZWzg7H9nmVoDTl3mp+ALujI6c9uAAXQVtrji+K3RX+pNaUfp528jEjsqRg49+wq amrlJrkZSemzwPeIG76g6lLAe628SpVZ21cSPi+qI6ZgfL9ZSN+qN8k0VR6sNFSC LSn/IlG2Vrgdw4Fn40mNlvjp7oT4MQao3nPCvuB+MGYjopJ9txNxGBct5mVn/UjE 7nBV7DBFVxA3qny11nodsSCzPP9BIAeCh99jH338AbEeoqd6rI2plgz3KxVhjoKQ b4ISAwzgi6ag8mjaAE/RU0WkjTTMLg8Oy2RaHzWAWCwV++dFDpiSZHP8hFZnQPYj iLtFNQ2EdxbnpcLmC0MT83X6ZxzS8rRbnfe60gZndClRZEyOdhO3qK4LsXNt6KnZ 3MupgA13F+8L81Z4fWNVH6IeEQQjFENplmw5E7Zk0HUUJE84vFbc/g/Xx6p2usyn iKgibaFYpmOx80DrC9MT+lDtM3Kg0EuB8hLwL25ZJyB2GTwVyW1fVLMjJKKnnRvk c+gMHESAJIGLWWvSLCLp =PBL/ -----END PGP SIGNATURE----- --vFwxUcvivvD2ITOrruoMDvRPtSs8gM853--