mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-26 19:03:48 +01:00
5df041c4bb
The situation is improved now that we're running in a sandbox, but there is still some host machine access that could be concerning depending on the context. These concerns may be somewhat mitigated by the fact that the host machine usually provides the loader binary, even when the guest image is providing the loader scripts -- they only bring the lua scripts, and they have to be able to execute arbitrary syscalls rather than the interfaces provided by libsa(3). Reviewed by: jhb, markj Differential Revision: https://reviews.freebsd.org/D43299 |
||
|---|---|---|
| .. | ||
| bhyveload.8 | ||
| bhyveload.c | ||
| Makefile | ||
| Makefile.depend | ||