Date: Thu, 29 Sep 2016 16:29:49 +0000 (UTC) From: Allan Jude <allanjude@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r306452 - head/sys/kern Message-ID: <201609291629.u8TGTne2079554@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: allanjude Date: Thu Sep 29 16:29:49 2016 New Revision: 306452 URL: https://svnweb.freebsd.org/changeset/base/306452 Log: Allow reading the following sysctl MIBs in capability mode: kern.hostname, kern.domainname, and kern.hostuuid This allows sandboxed applications to read these sysctls Submitted by: cem (original version) Reviewed by: cem, jonathan, rwatson (original version) Sponsored by: ScaleEngine Inc. Differential Revision: https://reviews.freebsd.org/D8015 Modified: head/sys/kern/kern_mib.c Modified: head/sys/kern/kern_mib.c ============================================================================== --- head/sys/kern/kern_mib.c Thu Sep 29 14:35:32 2016 (r306451) +++ head/sys/kern/kern_mib.c Thu Sep 29 16:29:49 2016 (r306452) @@ -316,15 +316,15 @@ sysctl_hostname(SYSCTL_HANDLER_ARGS) } SYSCTL_PROC(_kern, KERN_HOSTNAME, hostname, - CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, + CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_CAPRD | CTLFLAG_MPSAFE, (void *)(offsetof(struct prison, pr_hostname)), MAXHOSTNAMELEN, sysctl_hostname, "A", "Hostname"); SYSCTL_PROC(_kern, KERN_NISDOMAINNAME, domainname, - CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, + CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_CAPRD | CTLFLAG_MPSAFE, (void *)(offsetof(struct prison, pr_domainname)), MAXHOSTNAMELEN, sysctl_hostname, "A", "Name of the current YP/NIS domain"); SYSCTL_PROC(_kern, KERN_HOSTUUID, hostuuid, - CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, + CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_CAPRD | CTLFLAG_MPSAFE, (void *)(offsetof(struct prison, pr_hostuuid)), HOSTUUIDLEN, sysctl_hostname, "A", "Host UUID");
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201609291629.u8TGTne2079554>