Date: Wed, 17 May 2000 15:02:33 -0700 From: Don Lewis <Don.Lewis@tsc.tdk.com> To: Robert Watson <rwatson@FreeBSD.ORG> Cc: security@FreeBSD.ORG Subject: Re: Jail: Problems? Proper Usage? Status? Practicality? Message-ID: <200005172202.PAA01574@salsa.gv.tsc.tdk.com> In-Reply-To: <Pine.NEB.3.96L.1000516170812.15891F-100000@fledge.watson.org> References: <Pine.NEB.3.96L.1000516170812.15891F-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On May 17, 11:05am, Robert Watson wrote: } Subject: Re: Jail: Problems? Proper Usage? Status? Practicality? } One way to substantially improve jail scalability would be to allow the } same (read-only) file system to be present in all jails as the root, with } only jail-local data being modified. You can imagine gratuitously using } nullfs (if it worked) to do this, and mount per-jail writable fs's for } appropriatel subdirectories (/etc, /usr/local, /home) with appropriate } symlinks within the jail. I badly want nullfs for another reason. It can be really handy to allow separate jails to communicate through the filesystem. Imagine updating a set of web pages using rsync over ssh in one jail, and sharing these via a read-only mount in another jail where the web server is running. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200005172202.PAA01574>