Date: Fri, 25 May 2012 09:48:34 -0700 From: Sean Bruno <seanbru@yahoo-inc.com> To: FreeBSD Hackers <freebsd-hackers@freebsd.org> Subject: [jail] Allowing root privledged users to renice Message-ID: <1337964514.8951.2.camel@powernoodle-l7.corp.yahoo.com>
next in thread | raw e-mail | index | archive | help
I've been toying with the idea of letting jails renice processes ... how dangerous and/or stupid is this idea? ==== //depot/yahoo/ybsd_9/src/sys/kern/kern_jail.c#5 - /home/seanbru/ybsd_9/src/sys/kern/kern_jail.c ==== 270a271,275 + int jail_allow_renice = 0; + SYSCTL_INT(_security_jail, OID_AUTO, allow_renice, CTLFLAG_RW, + &jail_allow_renice, 0, + "Prison root can renice processes"); 3857a3863,3865 + case PRIV_SCHED_SETPRIORITY: + if (!jail_allow_renice) + return (EPERM);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1337964514.8951.2.camel>