From a4d6222e61aa4e9720106e003677063953ac8766 Mon Sep 17 00:00:00 2001
From: rwatson <rwatson@FreeBSD.org>
Date: Wed, 9 Feb 2000 22:08:12 +0000
Subject: [PATCH] Remove /dev/console from the jail /dev environment.  It's
 probably not strictly a security hole, but neither is it a very good idea. 
 Replace it with a symlink to /dev/null to happify programs that expect it.

It is suggested that users of the jail environment modify the jail's
syslog.conf to not send stuff to /dev/console, but instead syslog
it somewhere else.  Such as a loghost, potentially even to the host
environment's syslog.

Approved by:	jkh
---
 etc/MAKEDEV | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/etc/MAKEDEV b/etc/MAKEDEV
index e4a74148fa1f..5456ed8dc3ae 100644
--- a/etc/MAKEDEV
+++ b/etc/MAKEDEV
@@ -319,9 +319,10 @@ std)
 
 jail)
 	sh MAKEDEV std pty0
-	rm mem kmem pci io klog		# for security
+	rm mem kmem pci io klog console		# for security
 	ln -sf null mem			# for libkvm (ab)users
 	ln -sf null kmem		# --//--
+	ln -sf null console
 	;;
 
 mach-4)