Date: Thu, 05 Mar 2026 18:53:11 +0000 From: Kyle Evans <kevans@FreeBSD.org> To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org Subject: git: d7b972c0c2 - main - 15.0/relnotes: document allow.unprivileged_parent_tampering Message-ID: <69a9d117.47066.247a57ac@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by kevans: URL: https://cgit.FreeBSD.org/doc/commit/?id=d7b972c0c279eeaa8a070a2eceecce8412f281f9 commit d7b972c0c279eeaa8a070a2eceecce8412f281f9 Author: Kyle Evans <kevans@FreeBSD.org> AuthorDate: 2026-03-05 18:52:16 +0000 Commit: Kyle Evans <kevans@FreeBSD.org> CommitDate: 2026-03-05 18:53:01 +0000 15.0/relnotes: document allow.unprivileged_parent_tampering Reviewed by: ziaee Differential Revision: https://reviews.freebsd.org/D54956 --- website/content/en/releases/15.0R/relnotes.adoc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/website/content/en/releases/15.0R/relnotes.adoc b/website/content/en/releases/15.0R/relnotes.adoc index 28abfb8b31..ab5cc5ecd6 100644 --- a/website/content/en/releases/15.0R/relnotes.adoc +++ b/website/content/en/releases/15.0R/relnotes.adoc @@ -1028,6 +1028,10 @@ Code that needs to be portable to both 15.0 and earlier versions can use `cr_gid gitref:be1f7435ef218b1df35[repository=src] {{< sponsored "the FreeBSD Foundation" >}} +Unprivileged processes may no longer debug, schedule, or signal processes belonging to the same UID in a child jail by default. +The `allow.unprivileged_parent_tampering` man:jail[8] setting has been added to revert to the previous behavior for jails where the UID in both parent and child jail are expected to be the same user. +gitref:8a5ceebece0311bc411[repository=src] + [[kernel-architecture-specific]] === Architecture-Specific Changeshome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69a9d117.47066.247a57ac>