Re: jail & security
From: Alexey Zakirov (frank@agava.com)
Date: 08/23/01
- Next message: Alexey Zakirov: "Re: jail & security"
- Previous message: Shannon Johnson: "Re: jail & security"
- In reply to: Shannon Johnson: "Re: jail & security"
- Next in thread: Dan Larsson: "Re: jail & security"
- Reply: Dan Larsson: "Re: jail & security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 23 Aug 2001 22:39:47 +0400 (MSD) From: Alexey Zakirov <frank@agava.com> To: Shannon Johnson <shannon@needhams.com>
> Alexey, correct me if I am wrong, but Igor was asking if it was possible to
> limit "resources allocated by each VM (jail)." I simply addressed it on
> this issue and not on "root compromise." That is why I refered him to login
> classes.
>
> By the way, it is nice to know that you would trash my system if given root
> access within the jail. However, there are ways to prevent people like
> yourself from destroying a system (e.g. read only file system, setting the
> system immutable flag, etc.)
jail(2) is GREAT feature. I'm thank PHK for did it. It's really pretend to
be a great security help in the unixos.
> Remind me to never give you a shell account.
It IS a problem. Shell is not a problem, but there is the PR/18209.
If you want a shell account: http://register.h1.ru/index.shtml
*** WBR, Alexey Zakirov (frank@agava.com)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Alexey Zakirov: "Re: jail & security"
- Previous message: Shannon Johnson: "Re: jail & security"
- In reply to: Shannon Johnson: "Re: jail & security"
- Next in thread: Dan Larsson: "Re: jail & security"
- Reply: Dan Larsson: "Re: jail & security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
