Limit quota privileges in jail to PRIV_UFS_GETQUOTA and

PRIV_UFS_SETQUOTA.
author: rwatson <rwatson@FreeBSD.org> 2007-02-19 13:26:39 +0000
committer: rwatson <rwatson@FreeBSD.org> 2007-02-19 13:26:39 +0000
commit: 58e926bc9496da2b6024e2b8f33bd40c45a00fd6 (patch)
tree: a634e907bb5ce1f599aa62b8768068cf7639d1e9 /sys/kern
parent: 07f6768e54053b9220f8ce9a39ce7f5975c0a8aa (diff)
download: FreeBSD-src-58e926bc9496da2b6024e2b8f33bd40c45a00fd6.zip
FreeBSD-src-58e926bc9496da2b6024e2b8f33bd40c45a00fd6.tar.gz
1 files changed, 2 insertions, 5 deletions
diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c
index d6e65fa..8495fb9 100644
--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@@ -618,14 +618,11 @@ prison_priv_check(struct ucred *cred, int priv)
 
 		/*
 		 * Allow root in jail to manage a variety of quota
-		 * properties.  Some are a bit surprising and should be
-		 * reconsidered.
+		 * properties.  These should likely be conditional on a
+		 * configuration option.
 		 */
 	case PRIV_UFS_GETQUOTA:
-	case PRIV_UFS_QUOTAOFF:		/* XXXRW: Slightly surprising. */
-	case PRIV_UFS_QUOTAON:		/* XXXRW: Slightly surprising. */
 	case PRIV_UFS_SETQUOTA:
-	case PRIV_UFS_SETUSE:		/* XXXRW: Slightly surprising. */
 
 		/*
 		 * Since Jail relies on chroot() to implement file system
author	rwatson <rwatson@FreeBSD.org>	2007-02-19 13:26:39 +0000
committer	rwatson <rwatson@FreeBSD.org>	2007-02-19 13:26:39 +0000
commit	58e926bc9496da2b6024e2b8f33bd40c45a00fd6 (patch)
tree	a634e907bb5ce1f599aa62b8768068cf7639d1e9 /sys/kern
parent	07f6768e54053b9220f8ce9a39ce7f5975c0a8aa (diff)
download	FreeBSD-src-58e926bc9496da2b6024e2b8f33bd40c45a00fd6.zip FreeBSD-src-58e926bc9496da2b6024e2b8f33bd40c45a00fd6.tar.gz