On Thu, Feb 09, 2012 at 10:39:02AM +0000, Martin Matuska wrote: > Author: mm > Date: Thu Feb 9 10:39:01 2012 > New Revision: 231269 > URL: http://svn.freebsd.org/changeset/base/231269 > > Log: > Allow mounting nullfs(5) inside jails. > > This is now possible thanks to r230129. > > MFC after: 1 month
I'd really like to know that someone actually audited nullfs to see it can be safely managed within a jail. devfs is probably even more critical - hopefully it isn't possible to make simple administrative mistake that will allow to get access to, eg. /dev/kmem from within a jail or something similar. Changes like this one, which can have serious security implications, should be really properly reviewed. -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://tupytaj.pl
pgpljNQ0Hhiul.pgp
Description: PGP signature
