--- Comment #18 from Joe Barbish <[hidden email]> ---
(In reply to Jamie Gritton from comment #16)
The whole point of this PR is about the ability for the dmesg command to exec
from within a jail. The consensus is yes it's a security leak of host
information. Now we're faced with should "allow.show.dmesg" default to being set
to "NO". As a Jail admin I would prefer additional security to automatically
happen without any effort on my part. I think this is such a minor thing that
it would go unnoticed.

In this same subject of leaked info into a jail I see 2 additional candidates.

1. The "sysctl" console command. When issued from within a jail it will show
the host value. But when you try to use sysctl to change a value you get
"Operation not permitted". This is the jail doing its job. I think a
"allow.show.sysctl" should be added with the default being not to show.

2. The "kenv" console command. When issued from within a jail it will show the
host values. This is giving out info akin to what the dmesg is showing. I think
a "allow.show.kenv" should be added with the default being not to show.

I see these 3 leaks as trivial items that were overlooked in jail(8)'s original
design. Now we have the opportunity to revisit the subject of console commands
that leak host info into a jail and close those leaks.

There may be other commands that behave in like manner that other people may
present here for addressing in the same manner.