From owner-freebsd-hackers Fri Mar 21 19: 3:27 2003 Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E57C737B401 for ; Fri, 21 Mar 2003 19:03:25 -0800 (PST) Received: from fep.internode.on.net (smtp0.adl1.internode.on.net [203.16.214.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1EE0143FAF for ; Fri, 21 Mar 2003 19:03:24 -0800 (PST) (envelope-from doconnor@gsoft.com.au) Received: from midget.dons.net.au (ppp2104.sa.padsl.internode.on.net [150.101.28.55]) by fep.internode.on.net (8.12.4/8.12.4) with ESMTP id h2M33Eul029427; Sat, 22 Mar 2003 13:33:17 +1030 (CST) Received: (from root@localhost) by midget.dons.net.au (8.12.2/8.12.2) id h2M33Ccn045885; Sat, 22 Mar 2003 13:33:12 +1030 (CST) (envelope-from doconnor@gsoft.com.au) Received: from [127.0.0.1] (root@localhost [127.0.0.1]) by midget.dons.net.au (8.12.2/8.12.2av) with ESMTP id h2M339Om045873; Sat, 22 Mar 2003 13:33:09 +1030 (CST) (envelope-from doconnor@gsoft.com.au) Subject: Re: ld.so and hard links From: "Daniel O'Connor" To: Terry Lambert Cc: Paco Hope , hackers@freebsd.org In-Reply-To: <3E7B7D84.F51A061C@mindspring.com> References: <3E7B43F8.6070405@cigital.com> <3E7B7D84.F51A061C@mindspring.com> Content-Type: text/plain Organization: Message-Id: <1048302188.39751.11.camel@chowder.dons.net.au> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.2.2 Date: 22 Mar 2003 13:33:09 +1030 Content-Transfer-Encoding: 7bit X-Spam-Score: -1.9 () IN_REP_TO,QUOTED_EMAIL_TEXT,REFERENCES,SIGNATURE_SHORT_DENSE,SPAM_PHRASE_01_02 X-Scanned-By: MIMEDefang 2.26 (www . roaringpenguin . com / mimedefang) X-Virus-Scanned: by AMaViS perl-11 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sat, 2003-03-22 at 07:30, Terry Lambert wrote: > You could potentially save a lot of memory. *However*. You may > not want to do this, since you are defeating priviledge seperation > that is what made you want to use jails in the first place. There's a Linux Jail like thing called vserver, it has a feature where you hardlink a whole bunch of stuff for different jails (it has tools for building a set of jails from a given tree). It does a copy on write for any of these hardlinked files so you don't get the security issue. No idea if it's possible to implement something like that for a jail :) -- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 9A8C 569F 685A D928 5140 AE4B 319B 41F4 5D17 FDD5 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message