beenull/ladybird
1
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2024-11-22 07:30:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

Base: Add a note about Jails open access in the Mitigations(7) document

Browse source
This commit is contained in:
Liav A 2022-12-02 11:37:46 +02:00 committed by Andrew Kaster
parent d4b65f644e
commit 905becc991
Notes: sideshowbarker 2024-07-17 03:34:21 +09:00 
Author: https://github.com/supercomputer7
Commit: https://github.com/SerenityOS/serenity/commit/905becc991
Pull-request: https://github.com/SerenityOS/serenity/pull/16282
Reviewed-by: https://github.com/ADKaster
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Base/usr/share/man/man7/Mitigations.md
View file

@ -103,6 +103,8 @@ Special restrictions on filesystem also apply:
- Read accesses is forbidden by default to all nodes in `/sys/kernel` directory, except for:
`df`, `interrupts`, `keymap`, `memstat`, `processes`, `stats` and `uptime`.
- Write access is forbidden to kernel variables (which are located in `/sys/kernel/variables`).
- Open access is forbidden to all device nodes except for `/dev/full`, `/dev/null`, `/dev/zero`, `/dev/random` and various
other TTY/PTY devices (not including Kernel virtual consoles).
It was first added in the following [commit](https://github.com/SerenityOS/serenity/commit/5e062414c11df31ed595c363990005eef00fa263),
for kernel support, and the following commits added basic userspace utilities: