Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 14 Feb 2002 19:01:21 -0500
From:      Chris Faulhaber <jedgar@fxp.org>
To:        Jim Durham <durham@w2xo.pgh.pa.us>
Cc:        freebsd-security@freebsd.org
Subject:   Re: Jail question
Message-ID:  <20020215000121.GA48563@peitho.fxp.org>
In-Reply-To: <Pine.BSF.4.21.0202141430160.25249-100000@w2xo.pgh.pa.us>
References:  <Pine.BSF.4.21.0202141430160.25249-100000@w2xo.pgh.pa.us>
next in thread | previous in thread | raw e-mail | index | archive | help 

--u3/rZRmxL6MmkK24
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Feb 14, 2002 at 02:35:47PM +0000, Jim Durham wrote:
> I just recently discovered jail and started reading the
> material by phk on how it works.
>=20
> Ok, you can have a general over-all supervisory root account and
> you can have a root account in each jail.
>=20
> Let's say you make a jail for each department in a company.
> Suppose you have a situation where you have certain users who
> are not capable of system administration, but, they are supervisors
> who need to be able to read and modify files in all the jails, but
> not modify system config files, etc owned by the jail root account.
>=20
> How could you accomplish this?
>=20

You can wait until 5.0 is released which has support for filesystem
ACLs allowing finer-grained access control for files :)

--=20
Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org
--------------------------------------------------------
FreeBSD: The Power To Serve   -   http://www.FreeBSD.org

--u3/rZRmxL6MmkK24
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: FreeBSD: The Power To Serve

iEYEARECAAYFAjxsT9EACgkQObaG4P6BelAsCgCfYOD9bMOXHoqK3p9ryC4KS1Vy
pxAAn0VCtU5VRXG0j8IWAllc7aJLTyOa
=C3Gr
-----END PGP SIGNATURE-----

--u3/rZRmxL6MmkK24--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020215000121.GA48563>