From owner-freebsd-stable@FreeBSD.ORG  Sun Feb 16 14:36:49 2014
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 8186B962
 for <freebsd-stable@freebsd.org>; Sun, 16 Feb 2014 14:36:49 +0000 (UTC)
Received: from spectrum.skysmurf.nl (spectrum.skysmurf.nl [82.95.125.145])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 1025D129C
 for <freebsd-stable@freebsd.org>; Sun, 16 Feb 2014 14:36:48 +0000 (UTC)
Received: from spectrum.skysmurf.nl (mail.skysmurf.nl [192.168.42.4] (may be
 forged))
 by spectrum.skysmurf.nl (8.14.7/8.14.7) with SMTP id s1GESOmr025900;
 Sun, 16 Feb 2014 15:28:24 +0100 (CET)
 (envelope-from freebsd@skysmurf.nl)
Received: by spectrum.skysmurf.nl (sSMTP sendmail emulation);
 Sun, 16 Feb 2014 15:28:24 +0100
Date: Sun, 16 Feb 2014 15:28:24 +0100
From: "A.J. 'Fonz' van Werven" <freebsd@skysmurf.nl>
To: Thomas Steen Rasmussen <thomas@gibfest.dk>
Subject: Re: Should I use jail?
Message-ID: <20140216142824.GA25883@spectrum.skysmurf.nl>
References: <CAA_8tFq7JNw0=nqz5ByyfJs8cyEu+5z+sry=NESViegUSZBJ0Q@mail.gmail.com>
 <5300C998.7010508@gibfest.dk>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature"; boundary="7AUc2qLy4jB3hD7Z"
Content-Disposition: inline
In-Reply-To: <5300C998.7010508@gibfest.dk>
X-PGP-Key: http://www.skysmurf.nl/~fonz/fonz_pubkey.asc
User-Agent: Mutt/1.5.22 (2013-10-16)
Cc: freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable/>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Feb 2014 14:36:49 -0000


--7AUc2qLy4jB3hD7Z
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Thomas Steen Rasmussen wrote:

> For what it's worth I never, ever run any service without running it in
> a jail.

Smartass comment: if that includes ntpd or a master NIS server, would you
care to divulge how you did that?

AvW

--=20
I'm not completely useless, I can be used as a bad example.

--7AUc2qLy4jB3hD7Z
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (FreeBSD)

iQIcBAEBAgAGBQJTAMsIAAoJEAfP7gJTaCe8zRgP+wTdFSkuaF+58uyCe9cf5I9u
NO6FS4p4acZtkwzHVXu55SzFiqFUxqGZcuneJz8js95bdh3WA4lUcb3iC+H97LCR
golVPiDBsHLRvjjXl1L2vBnfdE6YyIdHunQIRyf87UWWEkx1VcrPNI24Opx9NjEZ
va59tOnV0Py7FgUS5mKIeu4bWxLv+CpNqEtSkdnN5gIkhR1nFJFRb+0XiLH3JWQm
LbLZ8U1IzjDGTyvw8jsrJQjAgDrhFB4FZWQxS87gZx0REOzd4KSgOSbrylUIqHsN
EsPxDcfqVgMgbxqg/wwGZxbz5vYKz9EqRlem4ffX2cd/3Hg6xJWm69LtvDq+LF7W
eEBE7etyOkUyCDriVGjqOuEA41BwNbzWuVS+LDvpOVydSGVgzYgCZKk9gziJbjXq
gNhD/RwBpc52QnusUsGbwsDJYEG0PE6q/0k03BZ00kehyglMfNXRMqMoqZuPttLj
MJDdcoWXbJU6eUVQ0AhiJHwalaQYXI7kx63HyFbcBF5V0itC1J+Oi6W6vlBEk9Lc
PSr1G12vY+uvFjrUgxyAIVXPbiSnpCc94oL2lXH4A18QY2hm7aEfbQDsnqF8ANHl
TJDzHALmb30bbakEs0bjOHCoQjJnk3i01QIwuGHcATV5m7IDQKZVSStYvoCU1hkq
+uuWh9pOxmL0jzxq2NlF
=BGTX
-----END PGP SIGNATURE-----

--7AUc2qLy4jB3hD7Z--