Date: Tue, 11 Dec 2018 12:12:48 -0700 From: Ian Lepore <ian@freebsd.org> To: Hubert Hauser <atypical@autisticstory.net>, freebsd-hackers@freebsd.org Subject: Re: Running Tor service in the jail environment Message-ID: <1544555568.44045.12.camel@freebsd.org> In-Reply-To: <65a5540f-2f1c-0470-b650-cf9fd696ea7a@autisticstory.net> References: <66526968-1446-c95e-629a-fb9e1b246111@mail.com> <1544543387.1860.347.camel@freebsd.org> <65a5540f-2f1c-0470-b650-cf9fd696ea7a@autisticstory.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 2018-12-11 at 19:58 +0100, Hubert Hauser wrote: > Hello! > > > > You should not be running ntpd inside a jail, it won't have the > > priveleges to set the kernel clock anyway, only the ntpd running in > > a > > non-jailed environment can do that. > How can I prevent running ntpd and lpd in the jail environment? > Set the appropriate variables (ntpd_enable=NO, etc) in the /etc/rc.conf for the jail. -- Ian > > > > I wouldn't use a jail for that. Take a look at this article I wrote > > about how to use Tor in the manner you're looking for: > > > > https://github.com/lattera/articles/blob/master/infosec/tor/2017-01 > > -14_torified_home/article.md > It sounds like a good idea but weren't a better solution use an > open-hardware device acting as Tor router with installed OpenBSD or > HardenedBSD? Why wouldn't you use for it jail environment? I want to > place Tor in the jail environment because I want to prevent system > being > compromised in case compromising Tor service. > > Thank you in advance, > Hubert. > > > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd > .org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1544555568.44045.12.camel>