[Bug 211580] deny system message buffer access from jails

[bugzilla...@freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211580

Bug ID: 211580
Summary: deny system message buffer access from jails
Product: Base System
Version: CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: kern
Assignee: freebs...@FreeBSD.org
Reporter: b...@FreeBSD.org

We should prevent jails from being able to read the kernel message buffer (deny
dmesg). That seems to currently be possible...

root@:/ # sysctl -a | grep jailed
security.jail.jailed: 1
root@:/ # dmesg | wc -l
1771
root@:/ #

--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebs...@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs...@freebsd.org"

[bugzilla...@freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=211580

Bjoern A. Zeeb <b...@FreeBSD.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
Keywords| |security
CC| |b...@FreeBSD.org