From owner-freebsd-questions@FreeBSD.ORG  Sun Apr  1 08:56:14 2012
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id B712E106566B
	for <freebsd-questions@freebsd.org>;
	Sun,  1 Apr 2012 08:56:14 +0000 (UTC)
	(envelope-from peter@vereshagin.org)
Received: from mx1.skyriver.ru (ns1.skyriver.ru [89.108.118.221])
	by mx1.freebsd.org (Postfix) with ESMTP id 713358FC14
	for <freebsd-questions@freebsd.org>;
	Sun,  1 Apr 2012 08:56:14 +0000 (UTC)
Received: from localhost (tor4.anonymizer.ccc.de [80.237.226.74])
	by mx1.skyriver.ru (Postfix) with ESMTPSA id C26D65AB0;
	Sun,  1 Apr 2012 12:47:28 +0400 (MSK)
Date: Sun, 1 Apr 2012 12:47:19 +0400
From: Peter Vereshagin <peter@vereshagin.org>
To: freebsd-questions@freebsd.org
Message-ID: <20120401084719.GA12293@external.screwed.box>
References: <20120330224416.13643xk4rsfd2i5s@webmail.ime.usp.br>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <20120330224416.13643xk4rsfd2i5s@webmail.ime.usp.br>
Organization: '
X-Face: 8T>{1owI$Byj]]a;
	^G]kRf*dkq>E-3':F>4ODP[#X4s"dr?^b&2G@'3lukno]A1wvJ_L(~u
	6>I2ra/<,j1%@C[LN=>p#_}RIV+#:KTszp-X$bQOj,K
Cc: schultz@ime.usp.br
Subject: Re: FreeBSD Security in Multiuser Environments
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 01 Apr 2012 08:56:14 -0000

Hello.

2012/03/30 22:44:16 -0300 schultz@ime.usp.br => To freebsd-questions@freebsd.org :

> P.S.: If you want to attain desktop security, matters get even more
> complicated. If anyone is interested, I can discuss what I did there
> (basically virtual X servers and building ports as regular users).

Sure I am interested.

I myself try to run Xorg server in a chroot and its clients from a different
jail(s) via tcp on lo0.  Trouble still is I can't get my VT ttyvXs because of
that strange 'console ownership' stuff.

> Also, thanks for Capsicum, it sure is useful.

Who is that?

--
Peter Vereshagin <peter@vereshagin.org> (http://vereshagin.org) pgp: A0E26627