Jamie,
On Fri, Sep 06, 2013 at 12:59:06PM -0600, Jamie Gritton wrote:
J J +
J J + /*
J J +* As in the non-jail case, non-root users are expected
to be
J J +* able to read kernel/phyiscal memory (provided
/dev/[k]mem
J J +*
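Review bot: the new comment spells "physical" as "phyiscal" in "kernel/phyiscal memory"; fix the spelling before this lands. The comment also makes the read permission conditional on /dev/[k]mem, so it would help to say there that the device node is not expected to exist inside a jail by default, which is the point the follow-up question in this thread turns on.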
On 09/07/13 00:03, Gleb Smirnoff wrote:
> Does that mean that we always have had ability for a jail-root to
> investigate kernel memory?
Only if you're crazy enough to have a /dev/kmem inside your jail.
--
Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap |
On Sat, Sep 07, 2013 at 12:06:32AM -0700, Colin Percival wrote:
> On 09/07/13 00:03, Gleb Smirnoff wrote:
> > Does that mean that we always have had ability for a jail-root to
> > investigate kernel memory?
> Only if you're crazy enough to have a /dev/kmem inside your jail.
Have we ability to export
On 09/07/13 01:03, Slawa Olhovchenkov wrote:
> On Sat, Sep 07, 2013 at 12:06:32AM -0700, Colin Percival wrote:
> > On 09/07/13 00:03, Gleb Smirnoff wrote:
> > > Does that mean that we always have had ability for a jail-root to
> > > investigate kernel memory?
> > Only if you're crazy enough to have a /dev/kmem
On 09/06/13 12:18, Gleb Smirnoff wrote:
> On Fri, Sep 06, 2013 at 05:32:29PM +, Jamie Gritton wrote:
> J> Author: jamie
> J> Date: Fri Sep 6 17:32:29 2013
> J> New Revision: 255316
> J> URL: http://svnweb.freebsd.org/changeset/base/255316
> J>
> J> Log:
> J> Keep PRIV_KMEM_READ permitted inside jails as
On Fri, Sep 06, 2013 at 05:32:29PM +, Jamie Gritton wrote:
J> Author: jamie
J> Date: Fri Sep 6 17:32:29 2013
J> New Revision: 255316
J> URL: http://svnweb.freebsd.org/changeset/base/255316
J>
J> Log:
J> Keep PRIV_KMEM_READ permitted inside jails as it is on the outside.
J>
J> Modified:
J>