Date: Mon, 02 Mar 2015 01:02:30 -0800 From: Julian Elischer <julian@freebsd.org> To: Ian Lepore <ian@FreeBSD.org>, src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r279361 - in head: sys/kern sys/sys usr.sbin/jail Message-ID: <54F42726.3000602@freebsd.org> In-Reply-To: <201502271628.t1RGSurE067472@svn.freebsd.org> References: <201502271628.t1RGSurE067472@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2/27/15 8:28 AM, Ian Lepore wrote: > > Log: > Allow the kern.osrelease and kern.osreldate sysctl values to be set in a > jail's creation parameters. This allows the kernel version to be reliably > spoofed within the jail whether examined directly with sysctl or > indirectly with the uname -r and -K options. > [..] > There is no sanity or range checking, other than disallowing an empty > release string or a zero release date, by design. The system > administrator is trusted to set sane values. Setting values that are > newer than the actual running kernel will likely cause compatibility > problems. > I would think that you could at set time ensure that only older releases were allowed.. I'm not sure what the rule would be with sub-sub-jails.. older than parent, or older than base system..?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54F42726.3000602>