--bichG//H2mG70Fl1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Aug 22, 2013 at 12:15:29PM -0700, Xin Li wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 >=20 > Hi, >=20 > Do anybody have concerns if I would commit this? >=20 > Index: sys/fs/tmpfs/tmpfs_vfsops.c > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > - --- sys/fs/tmpfs/tmpfs_vfsops.c (revision 254663) > +++ sys/fs/tmpfs/tmpfs_vfsops.c (working copy) > @@ -420,4 +420,4 @@ struct vfsops tmpfs_vfsops =3D { > .vfs_statfs =3D tmpfs_statfs, > .vfs_fhtovp =3D tmpfs_fhtovp, > }; > - -VFS_SET(tmpfs_vfsops, tmpfs, 0); > +VFS_SET(tmpfs_vfsops, tmpfs, VFCF_JAIL); >=20 Unrestricted tmpfs mounts can easily consume all available memory, making the host unusable. But the change is probably fine, since we have global 'disable mount from the jail' flag. --bichG//H2mG70Fl1 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.21 (FreeBSD) iQIcBAEBAgAGBQJSFoSbAAoJEJDCuSvBvK1B7dYP/iYajaL4lhFs0d7tm8dDMBB6 n4CgaoDAtTzj8UqcBFleeeDKqnvj+PnymR5v/PQwuwLxjkTj6sbOZ+fOGQT/kiy+ Zp0NzuqX6H7Ur45Nwt66wqA7PxOxUuLugpt1/lBreDZiPme8+xwIj9CRK/9Nt+4a ODeX7ob0B0lqDCBzj8h3xRXWjgCV05Yq2GtVkqbVGptIMgYOWhCgqBXTyoDb36qQ av4g/yMq1DzHsaq8nRLfF/GyF1BtUSk+nf1t0Dh5UaSFSLPKncl5CV5vU9yEMtWm d5KCrWzZqUuG863znfpxVRz2ya2Bl8K/5d93pOt/yl/De8pVy44lCmn7N8HA3HB9 OL7+C+vTA4L8rWsNw1K1v727+i+2YSEvOgrSKhUYAuQT35E0FT0QC1WJesyYZaIJ 9zxrsJeJ7fiEoKxk+k1rh7mr39f4CiS8DjlM7pWG0xAR8GU5lhe1NsXnAk2X1lH6 TxIA7wBvEPOGRG28cqQlC3um+iNourgFalPEBML2f61ZVs7MZ06bDZsCvioIB2fi Ns4Y96L2Npu5/zEON93iYf/a5J3yD2G3iDhiMtyeatg2qiwx69j5uIUoiPtzen8E 5p14MI9jWVk7Q0Effij1R6VK1YWX7j+gslg6ktfVBTw9jxYPM0VH4m0p5TWbSMJI rwbai0r9zOakzPw/TCFV =AOCT -----END PGP SIGNATURE----- --bichG//H2mG70Fl1--