d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow root in the host environment to open ptys within jailed environments.

Browse Source 
This logic change was introduced in revision 1.74:

Correct an oversight in jail() that allowed processes in jail to access
ptys in ways that might be unethical, especially towards processes not in
jail, or in other jails.

It should be fine to allow root in the host environment to do this. This
allows for more effective monitoring of prisons from the host environment.

Discussed with:	rwatson
MFC after:	1 week
This commit is contained in:
csjp 2006-01-31 17:17:45 +00:00
parent 7c376f7072
commit 1e1959a627
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
sys/kern/tty_pty.c
View File

@ -200,7 +200,7 @@ ptsopen(struct cdev *dev, int flag, int devtype, struct thread *td)
ttyinitmode(tp, 1, 0);
} else if (tp->t_state & TS_XCLUDE && suser(td))
return (EBUSY);
else if (pt->pt_prison != td->td_ucred->cr_prison)
else if (pt->pt_prison != td->td_ucred->cr_prison && suser(td))
return (EBUSY);
if (tp->t_oproc) /* Ctrlr still around. */
(void)ttyld_modem(tp, 1);