From owner-freebsd-arch@freebsd.org Thu Apr 19 07:20:52 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4AAC5F88CCC for ; Thu, 19 Apr 2018 07:20:52 +0000 (UTC) (envelope-from ed@nuxi.nl) Received: from mail-lf0-x22c.google.com (mail-lf0-x22c.google.com [IPv6:2a00:1450:4010:c07::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B673F84D53 for ; Thu, 19 Apr 2018 07:20:51 +0000 (UTC) (envelope-from ed@nuxi.nl) Received: by mail-lf0-x22c.google.com with SMTP id d79-v6so6281080lfd.0 for ; Thu, 19 Apr 2018 00:20:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nuxi-nl.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=GiigaTEbWsOMnTVUZlXiiwaHdEuMmtSUbXFQAYElGtw=; b=nkPIF1h4H8uOKC4jNMB+4NNrMEfhUoBLiDJXV8mVlIOlehSL53PiCdE41XqPW0sH7h g217BrmX8StRBrHoaAFcCwo1YYsOaWyET4qvCjx/NvHxaQIihAVAarW3QjHmjQ0jSf8U 1GcCMwABPpcBeMI7Wm6VBHosT7Wltcb/DFUaU5D+IF8Wq1TIciTckiPw8+DzAQcYdATx ig4bgXzHE/8RIDIlWWxhB6GGgpEGLScgXmlvwZL8eTVfaZVrjk0Gvu0lHHXAiO5O1DuR UO/rUA7VqL0Ht46Fhybzt083mx/ac4cutl6aqz0MhbTMDw5j76pfg5ez53hidlcUe6wu Si/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=GiigaTEbWsOMnTVUZlXiiwaHdEuMmtSUbXFQAYElGtw=; b=oOeFstrDGU0US2StFl3dZ5tSSQkDA2It4pUk2UMKvR5aCR0DvYr9TZNS0L9CF6iLXG tKRTwdgh3nM7dFYgmo2/bDkgn/9FxWBWot6nremTmJORsVoTA4y04qKIhyCFTHDckk9T o3vN2TUZknC6+HXRa+Zm/hWMSoOpwYzUH9rUBjENO7At+JV/vsN+1ljUrSeT0t1+IewN eAgsm+8ASPu5uDXt80UF6OxyTT+yd0rxKg+NkkhjYKNRjw/tL+NmRkjuLbvxd+/3IrvJ oIGf6qfu7WRuiX7hMUU5IzsVg/lcojGXmbyvY7EusNof4HC14+uZETqtBzEkXj4/ApqN fLjQ== X-Gm-Message-State: ALQs6tB0swXYTEDqX8jzHs1K5TrAMc3o+oW27/6BybLrawTphEc67rdS gMo3zB7SNaHr3eA31PTKMGd6tqktlEGizzLyTTZ+2g== X-Google-Smtp-Source: AIpwx48pTx+GyuCyImKZhh5IYxHGOTEqtRxTof/TiPkha38ht8JzUjNwWWC94FdFindWpWw76JavRTjEA0qq8zs3Oa8= X-Received: by 2002:a19:5a1d:: with SMTP id o29-v6mr3321165lfb.93.1524122449650; Thu, 19 Apr 2018 00:20:49 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a19:294d:0:0:0:0:0 with HTTP; Thu, 19 Apr 2018 00:20:19 -0700 (PDT) In-Reply-To: References: From: Ed Schouten Date: Thu, 19 Apr 2018 09:20:19 +0200 Message-ID: Subject: Re: excluding processes from PTI To: Tycho Nightingale Cc: "freebsd-arch@freebsd.org" Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Apr 2018 07:20:52 -0000 Hi Tycho, 2018-04-16 21:33 GMT+02:00 Tycho Nightingale : > - if (pti) { > + if (pti && (jailed(cred) || cred->cr_ruid != 0)) { > > which excludes those processes running as superuser and are not in-jail. > > Another approach, suggested by kib, is to provide finer-grained control. Perhaps using procctl(2) instead. Maybe it's sufficient to just use priv_check() here? -- Ed Schouten Nuxi, 's-Hertogenbosch, the Netherlands