Add a warning note to security.jail.allow_raw_sockets

about the risks of enabling raw sockets in prisons.

Because raw sockets can be used to configure and interact
with various network subsystems, extra caution should be
used where privileged access to jails is given out to
untrusted parties. As such, by default this option is disabled.

A few others and I are currently auditing the kernel
source code to ensure that the use of raw sockets by
privileged prison users is safe.

Approved by:	bmilekic (mentor)
Christian S.J. Peron 2004-06-01 00:25:44 +00:00
parent 7934cbe0d3
commit 8bac4dbf71
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=129909


@ -419,7 +419,10 @@ is set, the source IP addresses are enforced to comply
with the IP address bound to the jail, regardless of whether or not
the
.Dv IP_HDRINCL
flag has been set on the socket.
flag has been set on the socket. Because raw sockets can be used to configure
and interact with various network subsystems, extra caution should be used
where privileged access to jails is given out to untrusted parties. As such,
by default this option is disabled.
.It Va security.jail.getfsstatroot_only
This MIB entry determines whether or not processes within a jail are able
to see data for all mountpoints.
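Review bot: The replacement line starts a new sentence mid-line ("flag has been set on the socket. Because raw sockets can be used to configure"), and the following lines do the same at "untrusted parties. As such,"; mdoc source should begin each sentence on its own line so that sentence spacing renders correctly and later diffs stay small. Break after "socket." and after "parties." instead of refilling the paragraph. The closing sentence would also be more useful to an administrator if it stated the default value of the MIB entry rather than only "this option is disabled", and "various network subsystems" gives the reader no way to judge the exposure; naming at least one example of what a jailed root user can reach through a raw socket would make the warning actionable.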