Date: Thu, 27 Jul 2000 14:29:14 +0200 From: Neil Blakey-Milner <nbm@mithrandr.moria.org> To: "Forrest W. Christian" <forrestc@imach.com> Cc: "chem@i-p-d.nl" <chem@i-p-d.nl>, Kenn Martin <kmartin@infoteam.com>, freebsd-isp@FreeBSD.ORG Subject: Re: limiting telnet-users Message-ID: <20000727142913.A46061@mithrandr.moria.org> In-Reply-To: <Pine.BSF.4.21.0007270048130.11446-100000@workhorse.iMach.com>; from forrestc@imach.com on Thu, Jul 27, 2000 at 12:58:24AM -0600 References: <200007270728.JAA09013@ns1.i-p-d.nl> <Pine.BSF.4.21.0007270048130.11446-100000@workhorse.iMach.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu 2000-07-27 (00:58), Forrest W. Christian wrote: > About the only way to confine users to their own little private world is > chroot. Period. ITYM jail(2). > Chroots are SIGIFICANTLY more difficult to break out of. There have been, and are still, ways to get out of chroot. See 'sysctl kern.chroot_allow_open_directories', for one. Neil -- Neil Blakey-Milner Sunesi Clinical Systems nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000727142913.A46061>