Re: Multi-User Security
From: Gregory Sutter (gsutter_at_zer0.org)
Date: 05/18/04
- Previous message: Tobias Roth: "on- and offtopic [was: Confirming my understanding...]"
- In reply to: Norberto Meijome: "Re: Multi-User Security"
- Next in thread: Dan Rue: "Re: Multi-User Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 18 May 2004 01:35:27 -0700 To: Norberto Meijome <freebsd@meijome.net>
On 2004-05-18 14:41 +1000, Norberto Meijome <freebsd@meijome.net> wrote:
> Richard Coleman wrote:
>
> >Using a chroot or a jail is the way to go if possible. If you can't use
> >that, then unix permissions or ACL's is the next bet. Restricting
> >commands is the most fragile solution since in many cases it can be
> >subverted.
>
> Excuse my ignorance, could you quickly tell me the difference (or point
> me to a good reference article/book) between chroot + jail?
> is it that a jail is always chrooted but not the other way around?
> is a jail more encompassing than chroot only?
If you had typed "freebsd jail" into Google, this paper would have
been the first of several hundred useful links. The answer to your
question is in its introduction.
http://docs.freebsd.org/44doc/papers/jail/jail.html
Greg
-- Gregory S. Sutter Was Jimi's modem a Purple Hayes? mailto:gsutter@zer0.org http://zer0.org/~gsutter/
- application/pgp-signature attachment: stored
- Previous message: Tobias Roth: "on- and offtopic [was: Confirming my understanding...]"
- In reply to: Norberto Meijome: "Re: Multi-User Security"
- Next in thread: Dan Rue: "Re: Multi-User Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
