Date: Sun, 15 Feb 2004 11:29:09 -0500 (EST)
From: Robert Watson
To: Pawel Jakub Dawidek
In-Reply-To: <20040215162455.GZ14639@garage.freebsd.pl>
cc: cvs-src@FreeBSD.org
cc: src-committers@FreeBSD.org
cc: cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/kern kern_jail.c

On Sun, 15 Feb 2004, Pawel Jakub Dawidek wrote:

> On Sat, Feb 14, 2004 at 11:19:48AM -0800, Robert Watson wrote:
> +> Committer: Robert Watson
> +> Branch: HEAD
> +>
> +> Files:
> +> 1.38 src/sys/kern/kern_jail.c
> +>
> +> Log:
> +> By default, don't allow processes in a jail to list the set of
> +> jails in the system. Previous behavior (allowed) may be restored
> +> by setting security.jail.list_allowed=1.
>
> Are you planning to leave this sysctl? IMHO the previous behaviour was
> just bad, this was a bug, and restoring this behaviour shouldn't be
> permitted. But if this sysctl is just a temporary solution and will be
> removed in the future, it is ok (but maybe BURN_BRIDGES should be
> added?).
>
> PS. This functionality is quite fresh, I'm not sure if someone started
> to depend on it...

Yeah, the interesting question here is whether it was intentional in the
first place for a good reason, or just a by-product of the implementation.
How about we wait three weeks and see if anyone complains on
freebsd-current about the loss of functionality -- if no one says
anything, we remove the sysctl?

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Senior Research Scientist, McAfee Research