Date:      Sun, 16 Jul 2000 03:28:28 -0400 (EDT)
From:      Brian Fundakowski Feldman <green@FreeBSD.org>
To:        Warner Losh <imp@village.org>
Cc:        freebsd-arch@FreeBSD.ORG
Subject:   Re: SysctlFS 
Message-ID:  <Pine.BSF.4.21.0007160327310.82825-100000@green.dyndns.org>
In-Reply-To: <200007160535.XAA50733@harmony.village.org>

On Sat, 15 Jul 2000, Warner Losh wrote:

> : Why? It's got exactly the same considerations as the "true" root being
> : able to mount(2) things into a jail or mknod(2).
> 
> You shouldn't be able to mount things in jail or mknod.  While in
> jail, you cannot do a mknod right now.  While in jail, you can't do a
> mount.
> 
> Creating holes in this scheme makes me extremely nervous.

Exactly!  The same permissions would apply to this form of symlink
as those which apply to mknod and mount in jails.

> : > Also, you really don't want too many devices in a jail's /dev tree.
> : > You really wouldn't want devfs for jail unless you could limit it
> : > severely.  And that's going to be hard to write, I think.
> : 
> : But you could create multiple mounts (instances) of devfs which each
> : contain a specific subset of the devfs proper and do the "symlink
> : breakout" accordingly :)  An aspect of jail classes, if you will.
> 
> Why bother with a symlink?  Why not have a reference to the real
> dev_t?

The dev_t of what, exactly?

> Warner

--
 Brian Fundakowski Feldman           \  FreeBSD: The Power to Serve!  /
 green@FreeBSD.org                    `------------------------------'


