From owner-freebsd-security Thu Aug 23 11:44:30 2001 Delivered-To: freebsd-security@freebsd.org Received: from hq1.tyfon.net (hq1.tyfon.net [217.27.162.35]) by hub.freebsd.org (Postfix) with ESMTP id 45A3737B40C for ; Thu, 23 Aug 2001 11:44:16 -0700 (PDT) (envelope-from dl@tyfon.net) Received: from localhost (localhost [127.0.0.1]) by hq1.tyfon.net (Postfix) with ESMTP id 67E0F1C5C4; Thu, 23 Aug 2001 20:44:14 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by hq1.tyfon.net (Postfix) with ESMTP id 5A95C1C5C1; Thu, 23 Aug 2001 20:44:13 +0200 (CEST) Date: Thu, 23 Aug 2001 20:44:13 +0200 (CEST) From: Dan Larsson To: Alexey Zakirov Cc: Shannon Johnson , Subject: Re: jail & security In-Reply-To: Message-ID: <20010823204332.K95564-100000@hq1.tyfon.net> Organization: Tyfon Svenska AB X-NCC-NIC: DL1999-RIPE X-NCC-RegID: se.tyfon MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by hq1.tyfon.net Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, 23 Aug 2001, Alexey Zakirov wrote: | > Alexey, correct me if I am wrong, but Igor was asking if it was possible to | | > limit "resources allocated by each VM (jail)." I simply addressed it on | > this issue and not on "root compromise." That is why I refered him to login | > classes. | > | > By the way, it is nice to know that you would trash my system if given root | > access within the jail. However, there are ways to prevent people like | > yourself from destroying a system (e.g. read only file system, setting the | > system immutable flag, etc.) | | jail(2) is GREAT feature. I'm thank PHK for did it. It's really pretend to | be a great security help in the unixos. | | > Remind me to never give you a shell account. | | It IS a problem. Shell is not a problem, but there is the PR/18209. | If you want a shell account: http://register.h1.ru/index.shtml Perhaps this is worth looking at http://sektor7.ath.cx:8080/openroot/index.php Regards +------ Dan Larsson -+- Tyfon Svenska AB -+- DL1999-RIPE 2AA5 90AE 5185 5924 1E0B 1A99 EC8A EA84 406B 06B9 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message