Date: Wed, 7 Oct 2015 19:44:13 +0200 From: Jan Demter <jan-mailinglists@demter.de> To: freebsd-stable@freebsd.org, marko.cupac@mimar.rs Subject: Re: bind host service to jail ip? Message-ID: <561559ED.4060105@demter.de> In-Reply-To: <56153D62.8070601@quip.cz> References: <20151007161525.1beca1eb@efreet.kappastar.com> <56153D62.8070601@quip.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
On 07/10/15 17:42, Miroslav Lachman wrote: > Marko Cupać wrote on 10/07/2015 16:15: > > [...] > >> - If I ran openntpd in host and bound it to jails' ip addresses, would >> clients be able to sync? If so, are there any negative implications >> to this? > > I don't know if somethng has been changed over time, but if you run some > service in host on IP assigned to jail on port not used in jail, there > will be no conflict and service will be available to public A thing to keep in mind here is that anything running inside the jail can override the host (without any noticeable conflict), as a bind to an address from inside a jail will take precedent over the hosts listening sockets. So if you are going to run any less trusted code in the jails, it will be able to manipulate time for the clients using the jails address. Greetings Jan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?561559ED.4060105>