From owner-cvs-src@FreeBSD.ORG  Sat Feb 14 10:31:12 2004
Return-Path: <owner-cvs-src@FreeBSD.ORG>
Delivered-To: cvs-src@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 83AD916A4CE; Sat, 14 Feb 2004 10:31:12 -0800 (PST)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 7EE6443D1F; Sat, 14 Feb 2004 10:31:12 -0800 (PST)
	(envelope-from rwatson@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.12.10/8.12.10) with ESMTP id i1EIVCGe079082;
	Sat, 14 Feb 2004 10:31:12 -0800 (PST)
	(envelope-from rwatson@repoman.freebsd.org)
Received: (from rwatson@localhost)
	by repoman.freebsd.org (8.12.10/8.12.10/Submit) id i1EIVCwL079081;
	Sat, 14 Feb 2004 10:31:12 -0800 (PST)
	(envelope-from rwatson)
Message-Id: <200402141831.i1EIVCwL079081@repoman.freebsd.org>
From: Robert Watson <rwatson@FreeBSD.org>
Date: Sat, 14 Feb 2004 10:31:12 -0800 (PST)
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org,
	cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Subject: cvs commit: src/sys/sys jail.h src/sys/kern kern_jail.c
 vfs_syscalls.c
X-BeenThere: cvs-src@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the src tree <cvs-src.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-src>
List-Post: <mailto:cvs-src@freebsd.org>
List-Help: <mailto:cvs-src-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-src>,
	<mailto:cvs-src-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Feb 2004 18:31:12 -0000

rwatson     2004/02/14 10:31:12 PST

  FreeBSD src repository

  Modified files:
    sys/sys              jail.h 
    sys/kern             kern_jail.c vfs_syscalls.c 
  Log:
  By default, when a process in jail calls getfsstat(), only return the
  data for the file system on which the jail's root vnode is located.
  Previous behavior (show data for all mountpoints) can be restored
  by setting security.jail.getfsstatroot_only to 0.  Note: this also
  has the effect of hiding other mounts inside a jail, such as /dev,
  /tmp, and /proc, but errs on the side of leaking less information.
  
  Revision  Changes    Path
  1.36      +20 -0     src/sys/kern/kern_jail.c
  1.337     +8 -0      src/sys/kern/vfs_syscalls.c
  1.20      +3 -0      src/sys/sys/jail.h