Date: Wed, 17 Oct 2001 17:58:31 +0200 From: =?iso-8859-1?Q?=D8rjan_W_T=F8nder?= <orjan@mirach.no> To: "David Oleszkiewicz" <davido@labrador.dhs.org> Cc: <newbies@freebsd.org> Subject: Re: tested the jail command.... Message-ID: <017601c15724$91b51f10$0200000a@stardust> References: <20011017082041.V3201-100000@labrador.dhs.org>
next in thread | previous in thread | raw e-mail | index | archive | help
thanx :) didnt need that like 18teen times any way :/ jail is supposed to make an virtual machine inside the machine i have running, and make the system more secure against h4x0rz so when i hacker tryes to root the system the h4x0r only roots the jail system and not the real system ... the problem is that i cant understand who2 build the world for that new system ----- Original Message ----- From: "David Oleszkiewicz" <davido@labrador.dhs.org> To: "Ørjan W Tønder" <orjan@mirach.no> Cc: <newbies@FreeBSD.ORG> Sent: Wednesday, October 17, 2001 17:23 Subject: Re: tested the jail command.... > I don't know much about the jails, but i thought the idea was that you > make a /var/jail dir and then you chmod 000 it. This means that the > application can't write or read any files and especially can't make new > ones. my impression was that you run some daemon there that doesn't need > to open or close any new files. so the daemon opens the files it needs > and then chdir()'s to the jail directory and the idea it that it can't > hurt the system in anyway if someone try's to exploit some buffer overflow > bug. i'm not sure if some of this applies to what you are trying to do, > but it would seem to coincide with things not working or being created. > > dave > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-newbies" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?017601c15724$91b51f10$0200000a>