Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 25 Jun 2003 19:52:25 +0200
From:      Pawel Jakub Dawidek <nick@garage.freebsd.pl>
To:        Robert Watson <rwatson@freebsd.org>
Cc:        freebsd-arch@freebsd.org
Subject:   Re: Jailed sysvipc implementation.
Message-ID:  <20030625175225.GS7587@garage.freebsd.pl>
In-Reply-To: <Pine.NEB.3.96L.1030625132446.57143A-100000@fledge.watson.org>
References:  <20030624164602.GW7587@garage.freebsd.pl> <Pine.NEB.3.96L.1030625132446.57143A-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

--37umynISzNxy+PmB
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Jun 25, 2003 at 01:26:28PM -0400, Robert Watson wrote:
+> We have some initial patches that wrap the user ipcperm structure in a
+> kernel-specific structure, which we use to add a MAC label.  It would be
+> easy to also add a prison pointer.  We probably won't get to merging this
+> patch for a couple of weeks, but it's worth keeping in mind.=20
+>=20
+>   http://www.watson.org/~robert/freebsd/mac_sysvipc.diff
+>=20
+> This needs style cleanup, bug fixing, testing, etc, but it's the directi=
on
+> we're pushing in for MAC right now.

Hmm, I'm not sure if I understand patch well, but with this stuff we will
be able to run for example two postgresql servers in diffrent jails?
Or it only will provide denying specified requests?

--=20
Pawel Jakub Dawidek                       pawel@dawidek.net
UNIX Systems Programmer/Administrator     http://garage.freebsd.pl
Am I Evil? Yes, I Am!                     http://cerber.sourceforge.net

--37umynISzNxy+PmB
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)

iQCVAwUBPvnhWT/PhmMH/Mf1AQErngP+PmlvSViY3gSYrq7GjklXJnhjTNuLfo3i
i/S5pEDiYw9BPD2g706HexhYikyvoz81WcGzWO72nYY0VnaSIa/cU9jUrWDxirre
m6+c2W6ba2yaKvKjhnOabRKNbzvPIXlG+VwpRwisgvzO3l0iV3USio1MM6RG2i/d
glTDsUb9TT8=
=CZsf
-----END PGP SIGNATURE-----

--37umynISzNxy+PmB--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030625175225.GS7587>