From owner-cvs-all Sun Oct 29 11:25:45 2000 Delivered-To: cvs-all@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id DB92137B479; Sun, 29 Oct 2000 11:25:39 -0800 (PST) Received: (from rwatson@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id LAA56985; Sun, 29 Oct 2000 11:25:39 -0800 (PST) (envelope-from rwatson@FreeBSD.org) Message-Id: <200010291925.LAA56985@freefall.freebsd.org> From: Robert Watson Date: Sun, 29 Oct 2000 11:25:39 -0800 (PST) To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/kern kern_jail.c uipc_socket.c src/sys/sys jail.h X-FreeBSD-CVS-Branch: RELENG_4 Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG rwatson 2000/10/29 11:25:39 PST Modified files: (Branch: RELENG_4) sys/kern kern_jail.c uipc_socket.c sys/sys jail.h Log: MFC of jail fixups: 1.7 +9 -2 src/sys/kern/kern_jail.c 1.73 +10 -1 src/sys/kern/uipc_socket.c 1.9 +2 -1 src/sys/sys/jail.h For reference: o Modify jail to limit creation of sockets to UNIX domain sockets, TCP/IP (v4) sockets, and routing sockets. Previously, interaction with IPv6 was not well-defined, and might be inappropriate for some environments. Similarly, sysctl MIB entries providing interface information also give out only addresses from those protocol domains. For the time being, this functionality is enabled by default, and toggleable using the sysctl variable jail.socket_unixiproute_only. In the future, protocol domains will be able to determine whether or not they are ``jail aware''. Revision Changes Path 1.6.2.1 +9 -2 src/sys/kern/kern_jail.c 1.68.2.9 +10 -1 src/sys/kern/uipc_socket.c 1.8.2.1 +2 -1 src/sys/sys/jail.h To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message