| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | Push Giant down in jails. Pass the MPSAFE flag to NDINIT, and keep track | Christian S.J. Peron | 2005-09-28 | 1 | -16/+15 |
| * | Actually only protect mount-point if security.jail.enforce_statfs is set to 2. | Pawel Jakub Dawidek | 2005-06-23 | 1 | -1/+0 |
| * | Rename sysctl security.jail.getfsstatroot_only to security.jail.enforce_statfs | Pawel Jakub Dawidek | 2005-06-09 | 1 | -11/+86 |
| * | - Use taskqueue_thread rather than taskqueue_swi since our task is going | Jeff Roberson | 2005-04-05 | 1 | -1/+1 |
| * | Drop a bogus mp_fixme(). Adding a lock would do nothing to reduce userland | John Baldwin | 2005-03-31 | 1 | -2/+0 |
| * | Add a new sysctl, "security.jail.chflags_allowed", which controls the | Colin Percival | 2005-02-08 | 1 | -0/+5 |
| * | /* -> /*- for copyright notices, minor format tweaks as necessary | Warner Losh | 2005-01-06 | 1 | -1/+1 |
| * | Add two missing includes and remove two uneeded. | Pawel Jakub Dawidek | 2004-06-27 | 1 | -0/+3 |
| * | Fix sysctl name: security.jail.getfsstate_getfsstatroot_only -> | Pawel Jakub Dawidek | 2004-05-20 | 1 | -1/+1 |
| * | Give jail(8) the feature to allow raw sockets from within a | Bosko Milekic | 2004-04-26 | 1 | -0/+5 |
| * | Remove sysctl security.jail.list_allowed. | Pawel Jakub Dawidek | 2004-03-15 | 1 | -6/+1 |
| * | Rework jail_attach(2) so that an already jailed process cannot hop | Jacques Vidrine | 2004-02-19 | 1 | -12/+12 |
| * | Added sysctl security.jail.jailed. | Pawel Jakub Dawidek | 2004-02-19 | 1 | -0/+13 |
| * | By default, don't allow processes in a jail to list the set of | Robert Watson | 2004-02-14 | 1 | -0/+7 |
| * | Fix mismerge in last commit: check that cred->cr_prison is NULL | Robert Watson | 2004-02-14 | 1 | -1/+1 |
| * | By default, when a process in jail calls getfsstat(), only return the | Robert Watson | 2004-02-14 | 1 | -0/+20 |
| * | Defer the vrele() on a jail's root vnode reference from prison_free() | Robert Watson | 2004-01-23 | 1 | -6/+22 |
| * | Use __FBSDID(). | David E. O'Brien | 2003-06-11 | 1 | -3/+3 |
| * | style(9) | Mike Barcroft | 2003-04-28 | 1 | -25/+20 |
| * | - The prison mutex cannot possibly protect pointers to the prison it | John Baldwin | 2003-04-17 | 1 | -3/+1 |
| * | o In struct prison, add an allprison linked list of prisons (protected | Mike Barcroft | 2003-04-09 | 1 | -20/+218 |
| * | Back out M_* changes, per decision of the TRB. | Warner Losh | 2003-02-19 | 1 | -1/+1 |
| * | Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0. | Alfred Perlstein | 2003-01-21 | 1 | -1/+1 |
| * | Don't forget to destroy the mutex if an error occurs | Maxime Henrion | 2002-12-20 | 1 | -0/+1 |
| * | remove syscallarg(). | Alfred Perlstein | 2002-12-14 | 1 | -1/+1 |
| * | Use strlcpy() instead of strncpy() to copy NUL terminated strings | Robert Drehmel | 2002-10-17 | 1 | -3/+2 |
| * | The jail syscall calls chroot, which is not mpsafe, so put back a | Ian Dowse | 2002-07-01 | 1 | -0/+2 |
| * | - Alleviate jail() from having the burden of acquiring Giant by simply | Andrew R. Reiter | 2002-06-26 | 1 | -3/+0 |
| * | Change callers of mtx_init() to pass in an appropriate lock type name. In | John Baldwin | 2002-04-04 | 1 | -1/+1 |
| * | Change the suser() API to take advantage of td_ucred as well as do a | John Baldwin | 2002-04-01 | 1 | -1/+1 |
| * | Make getcredhostname() take a buffer and the buffer's size | Robert Drehmel | 2002-02-27 | 1 | -3/+12 |
| * | Add a function which returns the correct hostname for a given | Robert Drehmel | 2002-02-27 | 1 | -0/+11 |
| * | - Attempt to help declutter kern. sysctl by moving security out from | Andrew R. Reiter | 2002-01-16 | 1 | -5/+5 |
| * | - Move _jail sysctl node underneath _kern_security in order to standardize | Andrew R. Reiter | 2001-12-12 | 1 | -4/+5 |
| * | o Introduce pr_mtx into struct prison, providing protection for the | Robert Watson | 2001-12-03 | 1 | -0/+17 |
| * | o Move suser() calls in kern/ to using suser_xxx() with an explicit | Robert Watson | 2001-11-01 | 1 | -1/+1 |
| * | - Catch up to the new ucred API. | John Baldwin | 2001-10-11 | 1 | -18/+24 |
| * | o Initialize per-jail securelevel from global securelevel as part of | Robert Watson | 2001-09-26 | 1 | -0/+1 |
| * | KSE Milestone 2 | Julian Elischer | 2001-09-12 | 1 | -3/+4 |
| * | Pushdown Giant for acct(), kqueue(), kevent(), execve(), fork(), | Matthew Dillon | 2001-09-01 | 1 | -4/+14 |
| * | Anton kindly pointed out (and fixed) a bug in the Jail handling of the | Robert Watson | 2001-08-03 | 1 | -1/+8 |
| * | o Move per-process jail pointer (p->pr_prison) to inside of the subject | Robert Watson | 2001-02-21 | 1 | -18/+67 |
| * | Convert more malloc+bzero to malloc+M_ZERO. | David Malone | 2000-12-08 | 1 | -2/+1 |
| * | o Deny access to System V IPC from within jail by default, as in the | Robert Watson | 2000-10-31 | 1 | -0/+5 |
| * | o Modify jail to limit creation of sockets to UNIX domain sockets, | Robert Watson | 2000-06-04 | 1 | -1/+8 |
| * | Yet-another-update: rename ``kern.prison'' to a new sysctl root entry, | Robert Watson | 2000-02-12 | 1 | -0/+9 |
| * | Add a version number field to the jail(2) argument so that future changes | Poul-Henning Kamp | 1999-09-19 | 1 | -0/+2 |
| * | $Id$ -> $FreeBSD$ | Peter Wemm | 1999-08-28 | 1 | -1/+1 |
| * | Add beer-ware license and $Id$ | Poul-Henning Kamp | 1999-04-30 | 1 | -0/+11 |
| * | Make BOOTP to work again. | Poul-Henning Kamp | 1999-04-30 | 1 | -1/+1 |
