From owner-freebsd-hackers Wed Apr 25 12:15:41 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163]) by hub.freebsd.org (Postfix) with ESMTP id 1BC3C37B422 for ; Wed, 25 Apr 2001 12:15:38 -0700 (PDT) (envelope-from phk@critter.freebsd.dk) Received: from critter (localhost [127.0.0.1]) by critter.freebsd.dk (8.11.3/8.11.3) with ESMTP id f3PJFKU74645; Wed, 25 Apr 2001 21:15:20 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: Matt Dillon Cc: hackers@freebsd.org Subject: Re: Idea for additional feature for jail - jailed security level In-Reply-To: Your message of "Wed, 25 Apr 2001 12:04:59 PDT." <200104251904.f3PJ4xP41049@earth.backplane.com> Date: Wed, 25 Apr 2001 21:15:20 +0200 Message-ID: <74643.988226120@critter> From: Poul-Henning Kamp Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <200104251904.f3PJ4xP41049@earth.backplane.com>, Matt Dillon writes: > I just had an idea... allow the kernel security level to be specified > for a jailed environment. Add a 'securelevel' field to the jail > structure and bump the API rev. That would be trivial to do, but I thought that securelevels were demed "nice proof of concept but not the right way" ? -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message