| Property | Value |
|---|---|
| OID | 7ffffce3.7ffffd41.7ffffd34.7ffffd14 |
| Description | Jail permission flags |
| Label | |
| Type | node |
| Format | N |
| Flags |
|
| Child | Description |
|---|---|
| security.jail.param.allow.mount | Jail mount/unmount permission flags |
| security.jail.param.allow.suser | Processes in jail with uid 0 have privilege |
| security.jail.param.allow.unprivileged_proc_debug | Unprivileged processes may use process debugging facilities |
| security.jail.param.allow.read_msgbuf | Jail may read the kernel message buffer |
| security.jail.param.allow.reserved_ports | Jail may bind sockets to reserved ports |
| security.jail.param.allow.mlock | Jail may lock (unlock) physical pages in memory |
| security.jail.param.allow.socket_af | Jail may create sockets other than just UNIX/IPv4/IPv6/route |
| security.jail.param.allow.quotas | Jail may set file quotas |
| security.jail.param.allow.chflags | Jail may alter system file flags |
| security.jail.param.allow.raw_sockets | Jail may create raw sockets |
| security.jail.param.allow.sysvipc | Jail may use SYSV IPC |
| security.jail.param.allow.set_hostname | Jail may set hostname |