Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 25 Apr 2001 12:33:05 -0700 (PDT)
From:      Matt Dillon <dillon@earth.backplane.com>
To:        Alfred Perlstein <bright@wintelcom.net>
Cc:        Poul-Henning Kamp <phk@critter.freebsd.dk>, hackers@FreeBSD.ORG
Subject:   Re: Idea for additional feature for jail - jailed security level
Message-ID:  <200104251933.f3PJX5D41622@earth.backplane.com>
References:  <74643.988226120@critter> <200104251923.f3PJNcD41451@earth.backplane.com> <20010425122712.P1790@fw.wintelcom.net>

next in thread | previous in thread | raw e-mail | index | archive | help
   Another cool feature, which would be harder to implement, would be
   to have a secondary path for jail which specifies the path under
   which filesystem modifications can be made (create files, edit files,
   etc...), and outside of which only read access is permitted.  This way
   you could create a jail with "/" as the chroot yet which still severely
   restricts the types of filesystem modifications that may be employed
   outside of some other directory.  

   With a feature like that it would be fairly easy to run apache inside
   a jailed environment without having to spend a lot of effort creating
   the environment.
				
						    -Matt

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200104251933.f3PJX5D41622>