Allow reading the following sysctl MIBs in capability mode:
kern.hostname, kern.domainname, and kern.hostuuid This allows sandboxed applications to read these sysctls Submitted by: cem (original version) Reviewed by: cem, jonathan, rwatson (original version) Sponsored by: ScaleEngine Inc. Differential Revision: https://reviews.freebsd.org/D8015
This commit is contained in:
parent
bdff61f849
commit
0176ca2ed5
@ -316,15 +316,15 @@ sysctl_hostname(SYSCTL_HANDLER_ARGS)
|
||||
}
|
||||
|
||||
SYSCTL_PROC(_kern, KERN_HOSTNAME, hostname,
|
||||
CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE,
|
||||
CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_CAPRD | CTLFLAG_MPSAFE,
|
||||
(void *)(offsetof(struct prison, pr_hostname)), MAXHOSTNAMELEN,
|
||||
sysctl_hostname, "A", "Hostname");
|
||||
SYSCTL_PROC(_kern, KERN_NISDOMAINNAME, domainname,
|
||||
CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE,
|
||||
CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_CAPRD | CTLFLAG_MPSAFE,
|
||||
(void *)(offsetof(struct prison, pr_domainname)), MAXHOSTNAMELEN,
|
||||
sysctl_hostname, "A", "Name of the current YP/NIS domain");
|
||||
SYSCTL_PROC(_kern, KERN_HOSTUUID, hostuuid,
|
||||
CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE,
|
||||
CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_CAPRD | CTLFLAG_MPSAFE,
|
||||
(void *)(offsetof(struct prison, pr_hostuuid)), HOSTUUIDLEN,
|
||||
sysctl_hostname, "A", "Host UUID");
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user