From owner-cvs-all Tue Oct 31 9:42:21 2000 Delivered-To: cvs-all@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id AB48337B4CF; Tue, 31 Oct 2000 09:42:19 -0800 (PST) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id MAA85025; Tue, 31 Oct 2000 12:42:13 -0500 (EST) (envelope-from wollman) Date: Tue, 31 Oct 2000 12:42:13 -0500 (EST) From: Garrett Wollman Message-Id: <200010311742.MAA85025@khavrinen.lcs.mit.edu> To: Robert Watson Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/kern kern_jail.c sysv_msg.c sysv_sem.c sysv_shm.c src/sys/sys jail.h In-Reply-To: <200010310134.RAA51258@freefall.freebsd.org> References: <200010310134.RAA51258@freefall.freebsd.org> Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG < said: > o This is not the "real fix" which involves virtualizing the System V > IPC namespace, but prevents processes within jail from influencing those > outside of jail when not approved by the administrator. If we reimplemented System V IPC in terms of POSIX IPC -- which would require actually implementing POSIX message queues and semaphores -- this would take care of itself automagically. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message