From owner-freebsd-newbies Wed Oct 17 8:19:42 2001 Delivered-To: freebsd-newbies@freebsd.org Received: from labrador.dhs.org (c1769884-a.bvrtn1.or.home.com [24.248.48.187]) by hub.freebsd.org (Postfix) with ESMTP id 6527837B409 for ; Wed, 17 Oct 2001 08:19:39 -0700 (PDT) Received: from localhost (davido@localhost) by labrador.dhs.org (8.11.3/8.11.3) with ESMTP id f9HFN9Z03208; Wed, 17 Oct 2001 08:23:10 -0700 (PDT) (envelope-from davido@labrador.dhs.org) Date: Wed, 17 Oct 2001 08:23:09 -0700 (PDT) From: David Oleszkiewicz To: =?iso-8859-1?Q?=D8rjan_W_T=F8nder?= Cc: Subject: Re: tested the jail command.... In-Reply-To: <001801c156e2$8c6ebdf0$19101a0a@kurs.sta.itakademiet.no> Message-ID: <20011017082041.V3201-100000@labrador.dhs.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-newbies@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I don't know much about the jails, but i thought the idea was that you make a /var/jail dir and then you chmod 000 it. This means that the application can't write or read any files and especially can't make new ones. my impression was that you run some daemon there that doesn't need to open or close any new files. so the daemon opens the files it needs and then chdir()'s to the jail directory and the idea it that it can't hurt the system in anyway if someone try's to exploit some buffer overflow bug. i'm not sure if some of this applies to what you are trying to do, but it would seem to coincide with things not working or being created. dave To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-newbies" in the body of the message