diff options
author | rwatson <rwatson@FreeBSD.org> | 2007-02-19 13:26:39 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2007-02-19 13:26:39 +0000 |
commit | 58e926bc9496da2b6024e2b8f33bd40c45a00fd6 (patch) | |
tree | a634e907bb5ce1f599aa62b8768068cf7639d1e9 /sys/kern | |
parent | 07f6768e54053b9220f8ce9a39ce7f5975c0a8aa (diff) | |
download | FreeBSD-src-58e926bc9496da2b6024e2b8f33bd40c45a00fd6.zip FreeBSD-src-58e926bc9496da2b6024e2b8f33bd40c45a00fd6.tar.gz |
Limit quota privileges in jail to PRIV_UFS_GETQUOTA and
PRIV_UFS_SETQUOTA.
Diffstat (limited to 'sys/kern')
-rw-r--r-- | sys/kern/kern_jail.c | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c index d6e65fa..8495fb9 100644 --- a/sys/kern/kern_jail.c +++ b/sys/kern/kern_jail.c @@ -618,14 +618,11 @@ prison_priv_check(struct ucred *cred, int priv) /* * Allow root in jail to manage a variety of quota - * properties. Some are a bit surprising and should be - * reconsidered. + * properties. These should likely be conditional on a + * configuration option. */ case PRIV_UFS_GETQUOTA: - case PRIV_UFS_QUOTAOFF: /* XXXRW: Slightly surprising. */ - case PRIV_UFS_QUOTAON: /* XXXRW: Slightly surprising. */ case PRIV_UFS_SETQUOTA: - case PRIV_UFS_SETUSE: /* XXXRW: Slightly surprising. */ /* * Since Jail relies on chroot() to implement file system |