Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 1 Sep 2023 08:14:45 GMT
From:      Dmitry Chagin <dchagin@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: 315d7bbbb4e4 - main - extattr(9): Mention system namespace restrictions in a jail
Message-ID:  <202309010814.3818EjHK008546@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch main has been updated by dchagin:

URL: https://cgit.FreeBSD.org/src/commit/?id=315d7bbbb4e4b35d195a0a74ede229b1f64d42cc

commit 315d7bbbb4e4b35d195a0a74ede229b1f64d42cc
Author:     Dmitry Chagin <dchagin@FreeBSD.org>
AuthorDate: 2023-09-01 08:12:51 +0000
Commit:     Dmitry Chagin <dchagin@FreeBSD.org>
CommitDate: 2023-09-01 08:12:51 +0000

    extattr(9): Mention system namespace restrictions in a jail
    
    Reported by:            netchild
    Reviewed by:            gbe
    Differential revision:  https://reviews.freebsd.org/D41676
    MFC after:              1 week
---
 share/man/man9/extattr.9 | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/share/man/man9/extattr.9 b/share/man/man9/extattr.9
index 3a49746d1eb1..c765a55e9059 100644
--- a/share/man/man9/extattr.9
+++ b/share/man/man9/extattr.9
@@ -23,7 +23,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd December 23, 1999
+.Dd September 1, 2023
 .Dt EXTATTR 9
 .Os
 .Sh NAME
@@ -54,6 +54,10 @@ attribute data is protected according the normal discretionary
 and mandatory protections associated with the data in the file or
 directory; system attribute data is protected such that appropriate
 privilege is required to directly access or manipulate these attributes.
+By default processes in a
+.Xr jail 8
+can not access to the system attribute data unless allow.extattr
+configuration parameter is specified.
 .Pp
 Reads of extended attribute data may return specific contiguous regions of
 the meta-data, in the style of
@@ -77,6 +81,7 @@ Appropriate vnode extended attribute calls are:
 and
 .Xr VOP_SETEXTATTR 9 .
 .Sh SEE ALSO
+.Xr jail 8 ,
 .Xr VFS 9 ,
 .Xr VFS_EXTATTRCTL 9 ,
 .Xr VOP_GETEXTATTR 9 ,

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202309010814.3818EjHK008546>