Date: Tue, 6 Sep 2005 16:50:42 +0200 From: Max Laier <max@love2party.net> To: freebsd-pf@freebsd.org Subject: Re: pf ruleset modify from jail Message-ID: <200509061650.54519.max@love2party.net> In-Reply-To: <431D830D.1080906@gmail.com> References: <431D830D.1080906@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Tuesday 06 September 2005 13:52, Szukács István wrote: > The problem is that inside the jail the root has access to pf(the > outside system's pf), and can read/write the ruleset. > How can i protect it? You can use devfs rulesets to hide /dev/pf from the jail's devfs. See devfs(8) for more details. -- /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQBDHazOXyyEoT62BG0RAmFxAJ9eqUJ9ZY3qDz7GGtPRoNLHgiwwEACfZ95m QB2IJfBgqhsAGM1Bs8I3tM8= =J9NI -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200509061650.54519.max>