From owner-freebsd-security Fri Oct 6 2:15:45 2000 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CA7C537B502 for ; Fri, 6 Oct 2000 02:15:43 -0700 (PDT) Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by mx1.FreeBSD.org (Postfix) with ESMTP id 83F436E3467 for ; Fri, 6 Oct 2000 02:15:43 -0700 (PDT) Received: (from kris@localhost) by citusc17.usc.edu (8.9.3/8.9.3) id CAA91888; Fri, 6 Oct 2000 02:08:22 -0700 (PDT) Date: Fri, 6 Oct 2000 02:08:21 -0700 From: Kris Kennaway To: Bart_van_Leeuwen@doosys.com Cc: "Jacques A. Vidrine" , freebsd-security@FreeBSD.ORG Subject: Re: Fwd: eth-security : ANNOUNCE : Resources no for ALL Message-ID: <20001006020820.A91130@citusc17.usc.edu> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from Bart_van_Leeuwen@doosys.com on Thu, Oct 05, 2000 at 02:25:11PM +0200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Oct 05, 2000 at 02:25:11PM +0200, Bart_van_Leeuwen@doosys.com wrote: > Creating a single jail for a group of interactive users is quite practical. > Creating a seperate jail for each individual interactive user can become > inpractical for example due to disk space requirements and the > complexibility of the evironment for the administrator. Read-only nullfs mounts might be good enough for a relatively few number of users (they're working in -current nowadays). It would be interesting to try and do this in practice and see if it's usable, and if not, why not. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message