From owner-freebsd-hackers  Wed Apr 25 12:15:41 2001
Delivered-To: freebsd-hackers@freebsd.org
Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163])
	by hub.freebsd.org (Postfix) with ESMTP id 1BC3C37B422
	for <hackers@freebsd.org>; Wed, 25 Apr 2001 12:15:38 -0700 (PDT)
	(envelope-from phk@critter.freebsd.dk)
Received: from critter (localhost [127.0.0.1])
	by critter.freebsd.dk (8.11.3/8.11.3) with ESMTP id f3PJFKU74645;
	Wed, 25 Apr 2001 21:15:20 +0200 (CEST)
	(envelope-from phk@critter.freebsd.dk)
To: Matt Dillon <dillon@earth.backplane.com>
Cc: hackers@freebsd.org
Subject: Re: Idea for additional feature for jail - jailed security level 
In-Reply-To: Your message of "Wed, 25 Apr 2001 12:04:59 PDT."
             <200104251904.f3PJ4xP41049@earth.backplane.com> 
Date: Wed, 25 Apr 2001 21:15:20 +0200
Message-ID: <74643.988226120@critter>
From: Poul-Henning Kamp <phk@critter.freebsd.dk>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <200104251904.f3PJ4xP41049@earth.backplane.com>, Matt Dillon writes:
>    I just had an idea... allow the kernel security level to be specified
>    for a jailed environment.  Add a 'securelevel' field to the jail
>    structure and bump the API rev.

That would be trivial to do, but I thought that securelevels were
demed "nice proof of concept but not the right way" ?

--
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message