From owner-freebsd-current  Wed Jan 27 09:39:54 1999
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id JAA14649
          for freebsd-current-outgoing; Wed, 27 Jan 1999 09:39:54 -0800 (PST)
          (envelope-from owner-freebsd-current@FreeBSD.ORG)
Received: from schizo.cdsnet.net (schizo.cdsnet.net [204.118.244.32])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA14633;
          Wed, 27 Jan 1999 09:39:43 -0800 (PST)
          (envelope-from mrcpu@internetcds.com)
Received: from localhost (mrcpu@localhost) by schizo.cdsnet.net (8.8.8/8.7.3) with SMTP id JAA28004; Wed, 27 Jan 1999 09:34:51 -0800 (PST)
Date: Wed, 27 Jan 1999 09:34:51 -0800 (PST)
From: Jaye Mathisen <mrcpu@internetcds.com>
X-Sender: mrcpu@schizo.cdsnet.net
To: Poul-Henning Kamp <phk@FreeBSD.ORG>
cc: current@FreeBSD.ORG
Subject: Re: "JAIL" code headed for -current.
In-Reply-To: <29763.917434096@critter.freebsd.dk>
Message-ID: <Pine.NEB.3.95.990127093443.27570o-100000@schizo.cdsnet.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


Consider this interest.

On Wed, 27 Jan 1999, Poul-Henning Kamp wrote:

> 
> I'm polishing up the "JAIL" code I wrote and readying it for -current.
> 
> This code provides an optional strenthening of the chroot() jail
> as we know it, and will provide safe sandboxes for most practical
> uses.
> 
> The biggest impact of this is a new argument to the suser() call
> all over the kernel:
> 
> 	suser(NOJAIL, bla, bla);
> or
> 	suser(0, bla, bla);
> 
> The NOJAIL option means that a jailed root fails the test.
> 
> I will add this extra arg to suser() in the first commit.
> 
> Each Jail can optionally be assigned one IP number, which they
> have access to.  All connections to and from that jail will
> use that IP#.
> 
> If there is interest, this code will be merged to 3.1 as well.
> 
> This work was sponsored by:	 www.servetheweb.com
> 
> --
> Poul-Henning Kamp             FreeBSD coreteam member
> phk@FreeBSD.ORG               "Real hackers run -current on their laptop."
> FreeBSD -- It will take a long time before progress goes too far!
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-current" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message