Date: Thu, 8 Oct 2009 10:32:10 GMT From: remko@FreeBSD.org To: greenx@yartv.ru, remko@FreeBSD.org, freebsd-bugs@FreeBSD.org Subject: Re: misc/139422: make the jail safe for the parent system Message-ID: <200910081032.n98AWAZd011132@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
Synopsis: make the jail safe for the parent system State-Changed-From-To: open->closed State-Changed-By: remko State-Changed-When: Thu Oct 8 10:32:10 UTC 2009 State-Changed-Why: Hello, I think I understand what you ar etrying to say here. But I think that only trusted people should be allowed into a jail, as well as with a regular server. You could give the user sudo access for specific tasks so tht he cannot do everything as highly privileged user. Yes ofcourse you might be able to get out of those things if you are creative. The question is, where do we put the line. I think that in this case one should know what he puts in rc.local, if this is a jail, and you use the regular scripts, the 'jail' rc.d will not be used at all. Please discuss this further on the questions list, and report to me in case this is really a problem. Anyway; thanks for using FreeBSD! It's greatly appreciated... http://www.freebsd.org/cgi/query-pr.cgi?pr=139422
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200910081032.n98AWAZd011132>