Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 29 Sep 2016 16:29:49 +0000 (UTC)
From:      Allan Jude <allanjude@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r306452 - head/sys/kern
Message-ID:  <201609291629.u8TGTne2079554@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: allanjude
Date: Thu Sep 29 16:29:49 2016
New Revision: 306452
URL: https://svnweb.freebsd.org/changeset/base/306452

Log:
  Allow reading the following sysctl MIBs in capability mode:
  kern.hostname, kern.domainname, and kern.hostuuid
  
  This allows sandboxed applications to read these sysctls
  
  Submitted by:	cem (original version)
  Reviewed by:	cem, jonathan, rwatson (original version)
  Sponsored by:	ScaleEngine Inc.
  Differential Revision:	https://reviews.freebsd.org/D8015

Modified:
  head/sys/kern/kern_mib.c

Modified: head/sys/kern/kern_mib.c
==============================================================================
--- head/sys/kern/kern_mib.c	Thu Sep 29 14:35:32 2016	(r306451)
+++ head/sys/kern/kern_mib.c	Thu Sep 29 16:29:49 2016	(r306452)
@@ -316,15 +316,15 @@ sysctl_hostname(SYSCTL_HANDLER_ARGS)
 }
 
 SYSCTL_PROC(_kern, KERN_HOSTNAME, hostname,
-    CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE,
+    CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_CAPRD | CTLFLAG_MPSAFE,
     (void *)(offsetof(struct prison, pr_hostname)), MAXHOSTNAMELEN,
     sysctl_hostname, "A", "Hostname");
 SYSCTL_PROC(_kern, KERN_NISDOMAINNAME, domainname,
-    CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE,
+    CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_CAPRD | CTLFLAG_MPSAFE,
     (void *)(offsetof(struct prison, pr_domainname)), MAXHOSTNAMELEN,
     sysctl_hostname, "A", "Name of the current YP/NIS domain");
 SYSCTL_PROC(_kern, KERN_HOSTUUID, hostuuid,
-    CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE,
+    CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_CAPRD | CTLFLAG_MPSAFE,
     (void *)(offsetof(struct prison, pr_hostuuid)), HOSTUUIDLEN,
     sysctl_hostname, "A", "Host UUID");

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201609291629.u8TGTne2079554>