Date: Tue, 09 Nov 1999 14:41:04 +0100 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: Jamie Bowden <ragnar@sysabend.org> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: Should jail treat ip-number? Message-ID: <23737.942154864@critter.freebsd.dk> In-Reply-To: Your message of "Tue, 09 Nov 1999 05:29:51 PST." <Pine.BSF.4.10.9911090527520.39794-100000@moo.sysabend.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.BSF.4.10.9911090527520.39794-100000@moo.sysabend.org>, Jamie Bowden writes: > >-security stripped > >On Tue, 9 Nov 1999, Poul-Henning Kamp wrote: > >:In message <19991109125445E.shin@nd.net.fujitsu.co.jp>, Yoshinobu Inoue writes: > >:>(2)What is the goal of the restriction? > >:To isolate people in the jail from the "real" machine and from >:other jails. > >What does jail do that chroot doesn't? I've seen several discussions on >jail on -hackers, but no explanation of why it was implemented, or how >it's different from chroot. 1. All tcp/ip forced to use a particular IP#. This allows you to have several inetd/sendmail/apache running, one per jail. 2. Many things which root can normally do cannot be done if root is jailed. -- Poul-Henning Kamp FreeBSD coreteam member phk@FreeBSD.ORG "Real hackers run -current on their laptop." FreeBSD -- It will take a long time before progress goes too far! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?23737.942154864>