DF-0190
logopen performs no jail check beyond devfs file mode
Summary
logopen trusts devfs 0600 mode only. No prison_priv_check. If /dev/klog exposed to jail via devfs rules, jailed root reads host kernel messages. Default devfs does not expose. Defense-in-depth.