kern_jail.c (217896) | kern_jail.c (219304) |
---|---|
1/*- 2 * Copyright (c) 1999 Poul-Henning Kamp. 3 * Copyright (c) 2008 Bjoern A. Zeeb. 4 * Copyright (c) 2009 James Gritton. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions --- 13 unchanged lines hidden (view full) --- 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29#include <sys/cdefs.h> | 1/*- 2 * Copyright (c) 1999 Poul-Henning Kamp. 3 * Copyright (c) 2008 Bjoern A. Zeeb. 4 * Copyright (c) 2009 James Gritton. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions --- 13 unchanged lines hidden (view full) --- 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29#include <sys/cdefs.h> |
30__FBSDID("$FreeBSD: head/sys/kern/kern_jail.c 217896 2011-01-26 20:03:58Z dchagin $"); | 30__FBSDID("$FreeBSD: head/sys/kern/kern_jail.c 219304 2011-03-05 12:40:35Z trasz $"); |
31 32#include "opt_compat.h" 33#include "opt_ddb.h" 34#include "opt_inet.h" 35#include "opt_inet6.h" 36 37#include <sys/param.h> 38#include <sys/types.h> --- 3830 unchanged lines hidden (view full) --- 3869 /* 3870 * Since jail implements its own visibility limits on netstat 3871 * sysctls, allow getcred. This allows identd to work in 3872 * jail. 3873 */ 3874 case PRIV_NETINET_GETCRED: 3875 return (0); 3876 | 31 32#include "opt_compat.h" 33#include "opt_ddb.h" 34#include "opt_inet.h" 35#include "opt_inet6.h" 36 37#include <sys/param.h> 38#include <sys/types.h> --- 3830 unchanged lines hidden (view full) --- 3869 /* 3870 * Since jail implements its own visibility limits on netstat 3871 * sysctls, allow getcred. This allows identd to work in 3872 * jail. 3873 */ 3874 case PRIV_NETINET_GETCRED: 3875 return (0); 3876 |
3877 /* 3878 * Allow jailed root to set loginclass. 3879 */ 3880 case PRIV_PROC_SETLOGINCLASS: 3881 return (0); 3882 |
|
3877 default: 3878 /* 3879 * In all remaining cases, deny the privilege request. This 3880 * includes almost all network privileges, many system 3881 * configuration privileges. 3882 */ 3883 return (EPERM); 3884 } --- 490 unchanged lines hidden --- | 3883 default: 3884 /* 3885 * In all remaining cases, deny the privilege request. This 3886 * includes almost all network privileges, many system 3887 * configuration privileges. 3888 */ 3889 return (EPERM); 3890 } --- 490 unchanged lines hidden --- |