Hi,

I noticed that users can see jail processes even when security.bsd.see_other_uids=0 and security.bsd.see_other_gids=0 are set, if the process happens to be the same UID/GID as the user. So I created a patch which adds a security.bsd.see_jail_proc sysctl which hides jail processes from non-root users regardless of see_other_*.

The patch is here:
https://reviews.freebsd.org/D10770

Any feedback would be appreciated.

Thanks,
Steve
