diff options
| author | rwatson <rwatson@FreeBSD.org> | 2007-02-19 13:10:29 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2007-02-19 13:10:29 +0000 |
| commit | 566d08ef612649fd58f63b8cf488b1f8d27e8a4d (patch) | |
| tree | 3d3f618cef023c1e72d3ae81a97ce3261f64990a /sys/kern | |
| parent | 228e8a2b29d7c94285648c37d782ba794782e3a8 (diff) | |
| download | FreeBSD-src-566d08ef612649fd58f63b8cf488b1f8d27e8a4d.zip FreeBSD-src-566d08ef612649fd58f63b8cf488b1f8d27e8a4d.tar.gz | |
For now, reflect practical reality that Audit system calls aren't
allowed in Jail: return a privilege error.
Diffstat (limited to 'sys/kern')
| -rw-r--r-- | sys/kern/kern_jail.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c index c676ddc..d6e65fa 100644 --- a/sys/kern/kern_jail.c +++ b/sys/kern/kern_jail.c @@ -542,6 +542,7 @@ prison_priv_check(struct ucred *cred, int priv) */ case PRIV_KTRACE: +#if 0 /* * Allow jailed processes to configure audit identity and * submit audit records (login, etc). In the future we may @@ -551,6 +552,7 @@ prison_priv_check(struct ucred *cred, int priv) case PRIV_AUDIT_GETAUDIT: case PRIV_AUDIT_SETAUDIT: case PRIV_AUDIT_SUBMIT: +#endif /* * Allow jailed processes to manipulate process UNIX |
