d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ce51a9fcf9
freebsd-dev/sys
History
Robert Watson 7cadc2663e o Modify jail to limit creation of sockets to UNIX domain sockets, 
TCP/IP (v4) sockets, and routing sockets.  Previously, interaction
  with IPv6 was not well-defined, and might be inappropriate for some
  environments.  Similarly, sysctl MIB entries providing interface
  information also give out only addresses from those protocol domains.

  For the time being, this functionality is enabled by default, and
  toggleable using the sysctl variable jail.socket_unixiproute_only.
  In the future, protocol domains will be able to determine whether or
  not they are ``jail aware''.

o Further limitations on process use of getpriority() and setpriority()
  by jailed processes.  Addresses problem described in kern/17878.

Reviewed by:	phk, jmg
2000-06-04 04:28:31 +00:00
..
alpha Change sl(4) configuration lines to reflect its new dynamic nature. 2000-05-30 23:01:37 +00:00
amd64 Fixed some style bugs in the signal handling funcations. This doesn't 2000-06-03 14:19:01 +00:00
boot Record the new PALcode revision in the pcs structure after changing to 2000-06-03 08:24:37 +00:00
cam Disable multi-lun probing on Hitachi DK31* drives. 2000-06-04 03:17:37 +00:00
coda Remove 42 unneeded #include <sys/ioccom.h>. 2000-05-03 07:31:38 +00:00
compat Back out the previous change to the queue(3) interface. 2000-05-26 02:09:24 +00:00
compile
conf Use "nm | awk ..." instead of genassym(1) to generate symbol value headers. 2000-06-02 09:27:48 +00:00
contrib Fix a reference to an old FreeBSD 2.2 register name. 2000-05-28 16:21:45 +00:00
crypto Remove ~25 unneeded #include <sys/conf.h> 2000-04-19 14:58:28 +00:00
ddb Add a new sysctl "debug.enter_debugger" (when the kernel is compiled 2000-01-27 22:27:34 +00:00
dev parityrebuild: write the parity block back to the correct subdisk. 2000-06-02 04:05:40 +00:00
fs Update the comment for fdesc_setattr to reflect that we no longer 2000-06-02 07:08:18 +00:00
geom Separate the struct bio related stuff out of <sys/buf.h> into 2000-05-05 09:59:14 +00:00
gnu The change to do a longword compare in the previous commit just broke an 2000-06-03 11:09:09 +00:00
i4b Make this compile without the old 2.2 compatability defines. 2000-05-28 16:24:17 +00:00
i386 Fixed some style bugs in the signal handling funcations. This doesn't 2000-06-03 14:19:01 +00:00
isa Add SWI_TQ_MASK to all interrupt masks except SWI_CLOCK_MASK. Use a 2000-05-31 13:32:28 +00:00
isofs/cd9660 Separate the struct bio related stuff out of <sys/buf.h> into 2000-05-05 09:59:14 +00:00
kern o Modify jail to limit creation of sockets to UNIX domain sockets, 2000-06-04 04:28:31 +00:00
libkern Add $FreeBSD$ 2000-05-01 20:32:07 +00:00
miscfs Update the comment for fdesc_setattr to reflect that we no longer 2000-06-02 07:08:18 +00:00
modules Fixed style bugs that I unfortunately noticed because bsd.kmod.mk was 2000-06-03 11:45:00 +00:00
msdosfs Separate the struct bio related stuff out of <sys/buf.h> into 2000-05-05 09:59:14 +00:00
net Don't try to apply ipfw filtering to non-IP packets. 2000-06-02 22:47:53 +00:00
netatalk Just need to pass the address family to if_simloop(), not the whole sockaddr. 2000-05-24 21:16:56 +00:00
netatm Just need to pass the address family to if_simloop(), not the whole sockaddr. 2000-05-24 21:16:56 +00:00
netgraph Fix bug where receive statistics for the bundle were not getting updated. 2000-06-01 01:29:49 +00:00
netinet Add boundary checks against IP options. 2000-06-02 20:18:38 +00:00
netinet6 Back out the previous change to the queue(3) interface. 2000-05-26 02:09:24 +00:00
netipx Add $FreeBSD$ 2000-05-01 20:32:07 +00:00
netkey Back out the previous change to the queue(3) interface. 2000-05-26 02:09:24 +00:00
netnatm Back out the previous change to the queue(3) interface. 2000-05-26 02:09:24 +00:00
netncp Back out the previous change to the queue(3) interface. 2000-05-26 02:09:24 +00:00
netns Clean up some loose ends in the network code, including the X.25 and ISO 2000-02-13 03:32:07 +00:00
nfs Back out the previous change to the queue(3) interface. 2000-05-26 02:09:24 +00:00
nfsclient Back out the previous change to the queue(3) interface. 2000-05-26 02:09:24 +00:00
nfsserver Back out the previous change to the queue(3) interface. 2000-05-26 02:09:24 +00:00
ntfs Back out the previous change to the queue(3) interface. 2000-05-26 02:09:24 +00:00
nwfs Back out the previous change to the queue(3) interface. 2000-05-26 02:09:24 +00:00
pc98 Update of isa drivers using compatability shims to use COMPAT_ISA_DRIVER(). 2000-05-31 10:51:53 +00:00
pccard Add ACTIONTECH #define for plug and play. Also add PnP support to NEWCARD 2000-05-29 02:44:33 +00:00
pci Rework the support for the internal autonegotiation on the 21143 and 2000-05-31 05:40:53 +00:00
posix4 Add $FreeBSD$ 2000-05-01 20:32:07 +00:00
powerpc Handle PCI devices that actually use an ISA IRQ for the cia and tsunami 2000-05-10 18:54:28 +00:00
rpc $Id$ -> $FreeBSD$ 1999-08-27 23:45:13 +00:00
svr4 Back out the previous change to the queue(3) interface. 2000-05-26 02:09:24 +00:00
sys o Modify jail to limit creation of sockets to UNIX domain sockets, 2000-06-04 04:28:31 +00:00
tools Use a seperate -c and -h mode. The vnode_if.c file is compiled only into 1999-12-12 16:43:05 +00:00
ufs Back out the previous change to the queue(3) interface. 2000-05-26 02:09:24 +00:00
vm This is a cleanup patch to Peter's new OBJT_PHYS VM object type 2000-05-29 22:40:54 +00:00
Makefile Cause modules to build with the kernel build. Modules are removed 2000-05-02 02:26:04 +00:00