From owner-freebsd-hackers Mon Jun 25 15:52:42 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from mail1.javanet.com (mail1.javanet.com [205.219.162.10]) by hub.freebsd.org (Postfix) with ESMTP id 1A7FE37B405 for ; Mon, 25 Jun 2001 15:52:40 -0700 (PDT) (envelope-from kaworu@sektor7.ath.cx) Received: from wintermute.sekt7 (209-6-248-16.c3-0.lex-ubr1.sbo-lex.ma.cable.rcn.com [209.6.248.16]) by mail1.javanet.com (8.9.3/8.9.2) with ESMTP id SAA14673 for ; Mon, 25 Jun 2001 18:53:23 -0400 (EDT) Date: Mon, 25 Jun 2001 18:53:23 -0400 (EDT) Message-Id: <200106252253.SAA14673@mail1.javanet.com> From: Evan Sarmiento To: freebsd-hackers@freebsd.org Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Subject: jailuser project --text follows this line-- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I would like your input on a project I am currently working on called Jailuser. Jail, which is similar, chroots an enviornment and sets restrictions on processes forked within. However, problems arise: Inability to login to jail from console, hard to manage externally, have to reproduce base system for each jail (or an nfs mount, but insecure) Therefore, I have created jailuser. Users with UID of 1000 have the same jail restrictions, eg. unable to use certain socket functions, sysv ipc, etc. Also, users are confined by a "kernel restricted shell", which I have yet to implement. I have committed a few things, http://savannah.gnu.org/projects/jailuser/, please take a look. Thanks, Evan -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (SunOS) Comment: Processed by Mailcrypt 3.5.6 and Gnu Privacy Guard iEYEARECAAYFAjs3waAACgkQBLUKTEZ4y0bhNQCfYjgfmzM8R9GHdoIY0veoQUFF 7kkAn2Opz8H+RMIF1HIx73Sqw4stTR+J =L2xv -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message