Date: Sat, 29 Jun 2002 00:28:35 +0200 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: Pat Lashley <patl+freebsd@volant.org> Cc: FreeBSD Security Mailling List <freebsd-security@FreeBSD.ORG> Subject: Re: Jailing SSHd [Was: Re: OpenSSH Security (just a question, please no f-war)] Message-ID: <61315.1025303315@critter.freebsd.dk> In-Reply-To: Your message of "Wed, 26 Jun 2002 17:22:53 PDT." <2849830000.1025137373@mccaffrey.phoenix.volant.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <2849830000.1025137373@mccaffrey.phoenix.volant.org>, Pat Lashley wr ites: >--==========236915482========== >Content-Type: text/plain; charset=us-ascii; format=flowed >Content-Transfer-Encoding: quoted-printable >Content-Disposition: inline > >--On Wednesday, June 26, 2002 09:07:36 PM +0200 Poul-Henning Kamp=20 ><phk@critter.freebsd.dk> wrote: > >> Which reminds me that we should really tweak the code and put it in a >> jail instead of a chroot. > >Careful there. Some of us are using SSH to log into jails running virtual >hosting environments. The default installation needs to be able to run if >it is already within a jail when sshd is started. You could just fall back to chroot(2) if jail(2) failed. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?61315.1025303315>