Date: Mon, 22 Sep 2008 13:41:55 +0700 (ICT) From: Olivier Nicole <on@cs.ait.ac.th> To: fmatthew5876@gmail.com Cc: freebsd-questions@freebsd.org Subject: Re: Shared /usr in jails Message-ID: <200809220641.m8M6ftoQ009956@banyan.cs.ait.ac.th> In-Reply-To: <3eca10930809212301t207b6d08p26eb27294350227a@mail.gmail.com> (fmatthew5876@gmail.com) References: <3eca10930809212301t207b6d08p26eb27294350227a@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Aesthetics and philosophy aside, are there any real security holes in just > using the systems /usr everywhere if it is mounted read only in the jails? > THis seems to be the > approach used by solaris zones. Usually a jail /usr is almost empty. You would prefer to have the very strict minimum of things inside a jail. Olivier
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200809220641.m8M6ftoQ009956>