Date: Mon, 26 Jul 1999 04:02:36 +1000 From: Sue Blake <sue@welearn.com.au> To: freebsd-hackers@freebsd.org Cc: freebsd-doc@freebsd.org Subject: sandbox?? Message-ID: <19990726040233.E7349@welearn.com.au>
next in thread | raw e-mail | index | archive | help
Hi clever people
Nobody seems to be confident about the answer to my post to -questions.
Below is the only public answer. It is typical of many private answers
I received from otherwise knowledgeable people willing to make a
partial educated guess but not willing to expose their ignorance
publicly. They're all keen to know whatever I can find out :-)
On Mon, Jul 19, 1999 at 07:58:01AM -0400, T. William Wells wrote:
> In article <19990719212431.D300@welearn.com.au>,
> Sue Blake <sue@welearn.com.au> wrote:
> : Could someone tell me what is a sandbox, what does it do, how does it
> : work, how do I use it, or where is it documented?
> : named(8) and security(8) seem to assume one already knows.
>
> It's a generic term. It refers to a restricted environment in
> which something is to be done. Exactly how a sandbox is
> implemented depends on the specific application.
As you see it is far from the complete 4-5 part answer I need. The
problem that I see is that our named.conf refers to this sandbox thing,
implies that it is actually the default method for BIND in FreeBSD (I
don't think it is though), and directs the user to man pages which
don't provide the necessary info to be able to confidently
(un)implement it.
If nobody understands how this sandbox thing works, we should change
the named.conf that we supply. If somebody does, then they or someone
who they teach (me if really necessary) needs to document it so that
anyone seriously interested can figure it out on thier own (or at least
accept the defaults with confidence), and then change at least the
named.conf to point to that info. It sounds like a good idea, worth
giving people the resources to use it.
(Email cc would be appreciated)
--
Regards,
-*Sue*-
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-doc" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990726040233.E7349>