Date: Sun, 06 Jan 2019 20:42:40 +0000
From: "Poul-Henning Kamp" <phk@phk.freebsd.dk>
To: Wojciech Puchar <wojtek@puchar.net>
Cc: Cy Schubert <Cy.Schubert@cschubert.com>, Hackers freeBSD <freebsd-hackers@freebsd.org>, Igor Mozolevsky <igor@hybrid-lab.co.uk>, Enji Cooper <yaneurabeya@gmail.com>
Subject: Re: Strategic Thinking (was: Re: Speculative: Rust for base system components)
Message-ID: <95697.1546807360@critter.freebsd.dk>
In-Reply-To: <alpine.BSF.2.20.1901062128280.66665@puchar.net>
References: <201901061912.x06JCKCa004324@slippy.cwsent.com> <alpine.BSF.2.20.1901062128280.66665@puchar.net>
--------
In message <alpine.BSF.2.20.1901062128280.66665@puchar.net>, Wojciech Puchar writes:

>and this was wrong. under unix system it could just run in separate user
>accounts.
>
>The latter virtualization or jails is just wrong attempt to solve a
>problem that was created. Instead of simply doing it right.

Ok, that is my que...

Jails have one important property which as far as I know is unique
to all other virtualizations: You can reach into the jail, unseen.

That means that if your jail has been compromised, you can study
the running processes while they run, without entering the jail
through any mechanism the attacker controls. (trojaned sshd(8) and
so forth.)

I have a mailbox full of anecdotes about how people have been having
fun with attackers in jails that way: Moving files around, changing
modes on files, killing processes, and the winner so far: swapping
emacs(1) and vi(1) randomly.

As far as I know, that is a unique security feature of jails?

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?95697.1546807360>