Date: 09 Dec 2002 11:31:46 -0800 From: swear@attbi.com (Gary W. Swearingen) To: Ruben de Groot <fbsd-q@bzerk.org> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Installing additional ports in a jail! Message-ID: <7vof7vvvj1.f7v@localhost.localdomain> In-Reply-To: <20021209092542.GA76303@ei.bzerk.org> References: <20021209085617.GA64454@rock.stable.ch> <000001c29f61$fcf58c70$952b6e94@lucifer> <20021209092542.GA76303@ei.bzerk.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Ruben de Groot <fbsd-q@bzerk.org> writes: > I usually follow this procedure (on the host system, not inside the jail): I know the basic concept of jails, but have never used them and don't understand them well. Please tell me if you think they could be used to solve this "problem" I've always had with installing software: Most software (ports in this case) require you to run third-party scripts as root, making it quite easy for those parties to corrupt the root-owned/private parts of your OS. (I tried giving the whole ports system to a special non-root user, but way too many scripts are actually nasty enough as to insist that the user is root.) Could I have a whole ports system in a jail so that I can run their scripts as root while they cannot cause damage outside the jail? (I'd probably want another ports system for the few ports who's executables I intend to run as root, or maybe copy (or link?) them out of the jail.) Thanks. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7vof7vvvj1.f7v>