From owner-freebsd-questions@FreeBSD.ORG Tue Nov 23 00:27:02 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F1BA616A4CE for ; Tue, 23 Nov 2004 00:27:02 +0000 (GMT) Received: from mail.revolutionsp.com (ganymede.revolutionsp.com [64.246.0.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7FEF743D39 for ; Tue, 23 Nov 2004 00:27:02 +0000 (GMT) (envelope-from klr@6s-gaming.com) Received: from mail.revolutionsp.com (localhost [127.0.0.1]) by mail.revolutionsp.com (Postfix) with ESMTP id 1817B15C95 for ; Mon, 22 Nov 2004 15:23:02 -0600 (CST) Received: from 81.84.175.77 (SquirrelMail authenticated user klr@6s-gaming.com); by mail.revolutionsp.com with HTTP; Mon, 22 Nov 2004 15:23:02 -0600 (CST) Message-ID: <50098.81.84.175.77.1101158582.squirrel@81.84.175.77> Date: Mon, 22 Nov 2004 15:23:02 -0600 (CST) From: klr@6s-gaming.com To: freebsd-questions@FreeBSD.org User-Agent: SquirrelMail/1.4.3a X-Mailer: SquirrelMail/1.4.3a MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal Subject: security.jail.sysvipc_allowed: implications ? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Nov 2004 00:27:03 -0000 Hi, I'd like to know what are the implications of setting security.jail.sysvipc_allowed=1 while using FreeBSD jails. If I understood correctly, setting this to 1 allows processes inside the jail to communicate to the host server/other jails using SysV shared memory, but I don't understand the fully implications of this. Is there any concern using this sysctl as 1 on a system with only a jail without any ssh access, and nothing but courier, postfix, and apache? (inside jail) Regards, Hugo