On Thu, Jul 17, 2003 at 06:07:48PM +0200, Pawel Jakub Dawidek wrote: +> Patch add also two flags to sysctls: +> CTLFLAG_USERINV - sysctl is invisible for unprivileged users +> CTLFLAG_JAILINV - sysctl is invisible in jail environment
Note, that things like security.bsd.unprivileged_read_msgbuf (protecting two sysctls from reading) could be made in general way with those flags and any sysctl or sysctls node could be protected with them. -- Pawel Jakub Dawidek [EMAIL PROTECTED] UNIX Systems Programmer/Administrator http://garage.freebsd.pl Am I Evil? Yes, I Am! http://cerber.sourceforge.net
pgp00000.pgp
Description: PGP signature
