From owner-svn-src-head@FreeBSD.ORG  Tue Dec 18 14:46:33 2012
Return-Path: <owner-svn-src-head@FreeBSD.ORG>
Delivered-To: svn-src-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
 by hub.freebsd.org (Postfix) with ESMTP id 029CBF2;
 Tue, 18 Dec 2012 14:46:33 +0000 (UTC)
 (envelope-from ivoras@gmail.com)
Received: from mail-vc0-f171.google.com (mail-vc0-f171.google.com
 [209.85.220.171])
 by mx1.freebsd.org (Postfix) with ESMTP id 664A88FC0A;
 Tue, 18 Dec 2012 14:46:32 +0000 (UTC)
Received: by mail-vc0-f171.google.com with SMTP id n11so927374vch.2
 for <multiple recipients>; Tue, 18 Dec 2012 06:46:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:sender:in-reply-to:references:from:date
 :x-google-sender-auth:message-id:subject:to:cc:content-type;
 bh=tgsCbKhTii0CkKr+7aBiCCq4oe246avDd9W67vchI80=;
 b=zf/mM1QBfdUMdT6idcf72ouq3XSBHUbZkRZwoqAAiyJ1Se4O5dbladIUhqO8jFPi18
 JUJEzux0OtzRgrb60dhThSeOTuT5tZcwFnCjDRMBlgM3VFURLlyEPqt0Ot4R9T9OiKa4
 GQt16jZ+v1oWJO3XdeGmO98ujFKONHGU4gZLgnLAohtRwo3CvSwjGf1G7zphT7YTvOiZ
 XSf7vBEZV9IKS+eap3sMDZyBIImPxWTFa1WE2l3SVSIl5HpV8AaKt0jUHqXL2xU/G86D
 ae37annJFwr+Xf53Pwy4H9PluCpTIhs0FV/kzK1pndWxdPS4+RmNWoYuSx3DcEkMLEh8
 wkeQ==
Received: by 10.220.209.74 with SMTP id gf10mr3342408vcb.10.1355841540839;
 Tue, 18 Dec 2012 06:39:00 -0800 (PST)
MIME-Version: 1.0
Sender: ivoras@gmail.com
Received: by 10.58.107.230 with HTTP; Tue, 18 Dec 2012 06:38:20 -0800 (PST)
In-Reply-To: <201212180736.qBI7aj4K086137@svn.freebsd.org>
References: <201212180736.qBI7aj4K086137@svn.freebsd.org>
From: Ivan Voras <ivoras@freebsd.org>
Date: Tue, 18 Dec 2012 15:38:20 +0100
X-Google-Sender-Auth: VY_eUB33aX91xaLNVzyKa8B2LqU
Message-ID: <CAF-QHFXwfrZZYwtV6dkidesO0osoY_5sszaHoadk58BwrovLwQ@mail.gmail.com>
Subject: Re: svn commit: r244385 - head/sys/kern
To: Andrey Zonov <zont@freebsd.org>
Content-Type: text/plain; charset=UTF-8
Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org,
 src-committers@freebsd.org
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Dec 2012 14:46:33 -0000

On 18 December 2012 08:36, Andrey Zonov <zont@freebsd.org> wrote:
> Author: zont
> Date: Tue Dec 18 07:36:45 2012
> New Revision: 244385
> URL: http://svnweb.freebsd.org/changeset/base/244385
>
> Log:
>   - Add sysctl to allow unprivileged users to call mlock(2)-family system
>     calls and turn it on.
>   - Do not allow to call them inside jail. [1]

There's a sysctl branch security.jail.param.allow. which might be
useful here to add for jails.