Date: Wed, 27 Jan 1999 17:46:45 -0200 (EDT) From: Joao Carlos Mendes Luis <jonny@jonny.eng.br> To: phk@FreeBSD.ORG (Poul-Henning Kamp) Cc: current@FreeBSD.ORG Subject: Re: "JAIL" code headed for -current. Message-ID: <199901271946.RAA28507@roma.coe.ufrj.br> In-Reply-To: <29763.917434096@critter.freebsd.dk> from Poul-Henning Kamp at "Jan 27, 1999 11:48:16 am"
next in thread | previous in thread | raw e-mail | index | archive | help
#define quoting(Poul-Henning Kamp) // I'm polishing up the "JAIL" code I wrote and readying it for -current. // // This code provides an optional strenthening of the chroot() jail // as we know it, and will provide safe sandboxes for most practical // uses. // // The biggest impact of this is a new argument to the suser() call // all over the kernel: // // suser(NOJAIL, bla, bla); // or // suser(0, bla, bla); // // The NOJAIL option means that a jailed root fails the test. Do you have a list of which tests will receive this option ? // I will add this extra arg to suser() in the first commit. // // Each Jail can optionally be assigned one IP number, which they // have access to. All connections to and from that jail will // use that IP#. This looks interesting. How would you specify the IP to use ? Jonny -- Joao Carlos Mendes Luis M.Sc. Student jonny@jonny.eng.br Universidade Federal do Rio de Janeiro "This .sig is not meant to be politically correct." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199901271946.RAA28507>