Date: Mon, 10 Feb 2014 18:07:37 -0700
From: James Gritton <jamie@freebsd.org>
To: John Baldwin <jhb@freebsd.org>, Doug Ambrisko <ambrisko@ambrisko.com>
Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, Gleb Smirnoff <glebius@freebsd.org>, Robert Watson <rwatson@freebsd.org>, svn-src-head@freebsd.org, Alexander Leidinger <Alexander@leidinger.net>
Subject: Re: svn commit: r261266 - in head: sys/dev/drm sys/kern sys/sys usr.sbin/jail
Message-ID: <52F977D9.5010200@freebsd.org>
In-Reply-To: <2362081.WrjYmKeYu9@ralph.baldwin.cx>
References: <201401291341.s0TDfDcB068211@svn.freebsd.org> <52EC4DBB.50804@freebsd.org> <20140203235336.GA46006@ambrisko.com> <2362081.WrjYmKeYu9@ralph.baldwin.cx>

On 2/5/2014 12:05 PM, John Baldwin wrote:
> I think having a "kmem" flag for jails is a hack and not the right approach.
> It does make a jail useless security-wise, but by masquerading as a flag, it
> implies that it is only partially violating security which gives a false sense
> of security.
>
> A short term solution that would permit non-security jails without having to
> do the longer term work that Robert would like might be to add a new per-jail
> flag that in effect means "no security at all". You would then modify one
> place (prison_priv_check() in kern_jail.c) to treat a jail with this flag set
> as if it wasn't jailed at all. This would clearly communicate to a user what
> they were doing by enabling this flag (jail --root-me-please), and it would
> also avoid future proliferation of new flags to add more optional and obscure
> holes in jails.

So is it worthwhile to add a new jail parameter called "insecure" (or
somesuch)? That way you could easily add the encapsulation without any
of the security.

The other vibe I'm getting is not to do anything. Either way, it sounds
like the Xorg-enabling patch will remain a patch - not seeing a lot of
buy-in here.

I'm not against more optional and obscure holes if they have a use; I
just call that "a fine-grained capabilities model."

- Jamie