From owner-cvs-all Tue Oct 31 20:28:14 2000 Delivered-To: cvs-all@freebsd.org Received: from peach.ocn.ne.jp (peach.ocn.ne.jp [210.145.254.87]) by hub.freebsd.org (Postfix) with ESMTP id 8370437B479; Tue, 31 Oct 2000 20:28:07 -0800 (PST) Received: from newsguy.com (p52-dn02kiryunisiki.gunma.ocn.ne.jp [211.0.245.117]) by peach.ocn.ne.jp (8.9.1a/OCN/) with ESMTP id NAA20511; Wed, 1 Nov 2000 13:28:01 +0900 (JST) Message-ID: <39FF9B77.53831AF8@newsguy.com> Date: Wed, 01 Nov 2000 13:26:31 +0900 From: "Daniel C. Sobral" X-Mailer: Mozilla 4.7 [en] (Win98; I) X-Accept-Language: en,pt-BR MIME-Version: 1.0 To: Garrett Wollman Cc: Robert Watson , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/kern kern_jail.c sysv_msg.c sysv_sem.csysv_shm.c src/sys/sys jail.h References: <200010310134.RAA51258@freefall.freebsd.org> <200010311742.MAA85025@khavrinen.lcs.mit.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Garrett Wollman wrote: > > < said: > > > o This is not the "real fix" which involves virtualizing the System V > > IPC namespace, but prevents processes within jail from influencing those > > outside of jail when not approved by the administrator. > > If we reimplemented System V IPC in terms of POSIX IPC -- which would > require actually implementing POSIX message queues and semaphores -- > this would take care of itself automagically. What about shared memory? -- Daniel C. Sobral (8-DCS) dcs@newsguy.com dcs@freebsd.org capo@world.wide.bsdconspiracy.net He has been convicted of criminal possession of a clue with intent to distribute. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message