mirror of
https://github.com/freebsd/freebsd-src.git
synced 2024-12-04 03:49:02 +00:00
devfs.rules: unhide pf in vnet jails
/dev/pf is usable in vnet jails, so don't hide the node there. We shouldn't expose /dev/pf in regular jails, as that gives them control over the host (or parent vnet jail) firewall. Reviewed by: bz Differential Revision: https://reviews.freebsd.org/D26537
This commit is contained in:
parent
2622708419
commit
9e9be081d8
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=366461
@ -86,3 +86,7 @@ add include $devfsrules_unhide_basic
|
||||
add include $devfsrules_unhide_login
|
||||
add path fuse unhide
|
||||
add path zfs unhide
|
||||
|
||||
[devfsrules_jail_vnet=5]
|
||||
add include $devfsrules_jail
|
||||
add path pf unhide
|
||||
|
Loading…
Reference in New Issue
Block a user