Date: Tue, 02 Nov 2021 01:46:07 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 259582] hw.snd.default_unit can be modified by any user including those in a jail Message-ID: <bug-259582-227-Ixe91Br8xX@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-259582-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259582 Konstantin Belousov <kib@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Version|unspecified |CURRENT Group|freebsd_committer | Assignee|secteam@FreeBSD.org |bugs@FreeBSD.org Product|Security |Base System Component|Base |misc --- Comment #5 from Konstantin Belousov <kib@FreeBSD.org> --- You would need a reverse of CTLFLAG_PRISON to get the requested functionality. Or something like ANYBODY_PRISON0. But perhaps the best route is to remove this sysctl at all, and update mixer functionality to allow to specify the desired default output. This would make it honor all normal 'security' checks. -- You are receiving this mail because: You are the assignee for the bug.help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-259582-227-Ixe91Br8xX>