Date: 06 Oct 2000 13:15:42 +0200 From: Dag-Erling Smorgrav <des@ofug.org> To: Kris Kennaway <kris@citusc.usc.edu> Cc: Bart_van_Leeuwen@doosys.com, "Jacques A. Vidrine" <n@nectar.com>, freebsd-security@FreeBSD.ORG Subject: Re: Fwd: eth-security : ANNOUNCE : Resources no for ALL Message-ID: <xzphf6qfcf5.fsf@flood.ping.uio.no> In-Reply-To: Kris Kennaway's message of "Fri, 6 Oct 2000 02:08:21 -0700" References: <OFB0C2480F.3416AB2D-ONC125696F.00437311@intra.doosys.com> <20001006020820.A91130@citusc17.usc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Kris Kennaway <kris@citusc.usc.edu> writes: > Read-only nullfs mounts might be good enough for a relatively few > number of users (they're working in -current nowadays). It would be > interesting to try and do this in practice and see if it's usable, and > if not, why not. At my previous place of employment, I implemented a system for running separate virtual hosts' CGI scripts in separate chroot trees (no jail, this was on 3.x and only moved to 4.x a week or two before I quit). I had a tree template that included a minimal set of binaries, libraries and configuration files (resolv.conf, passwd, group etc.). The setup script (written in Perl) would create hard links between the template and the user's tree, so very little additional disk space was needed for each user. If you needed to change something in the template, you could run the setup script again and it would compare inode numbers and relink files that had changed. Naturally, none of the shared files were writable by any of the users. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzphf6qfcf5.fsf>