Date: Thu, 14 Feb 2002 15:58:38 -0800 From: "Crist J. Clark" <cjc@FreeBSD.ORG> To: Jim Durham <durham@w2xo.pgh.pa.us> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Jail question Message-ID: <20020214155838.E36782@blossom.cjclark.org> In-Reply-To: <Pine.BSF.4.21.0202141430160.25249-100000@w2xo.pgh.pa.us>; from durham@w2xo.pgh.pa.us on Thu, Feb 14, 2002 at 02:35:47PM %2B0000 References: <Pine.BSF.4.21.0202141430160.25249-100000@w2xo.pgh.pa.us>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Feb 14, 2002 at 02:35:47PM +0000, Jim Durham wrote:
> I just recently discovered jail and started reading the
> material by phk on how it works.
>
> Ok, you can have a general over-all supervisory root account and
> you can have a root account in each jail.
>
> Let's say you make a jail for each department in a company.
> Suppose you have a situation where you have certain users who
> are not capable of system administration, but, they are supervisors
> who need to be able to read and modify files in all the jails, but
> not modify system config files, etc owned by the jail root account.
>
> How could you accomplish this?
That's not what jail(8)s are really for. I think you just need to look
at group(5) ownership of files.
--
Crist J. Clark | cjclark@alum.mit.edu
| cjclark@jhu.edu
http://people.freebsd.org/~cjc/ | cjc@freebsd.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020214155838.E36782>