Date: Fri, 8 Jun 2007 10:51:17 +0200 From: Albert Shih <Albert.Shih@obspm.fr> To: Alain Wolf <wolf@k18.ch> Cc: freebsd-jail@freebsd.org Subject: Re: -u option for jail Message-ID: <20070608085117.GB18265@pcjas.obspm.fr> In-Reply-To: <46690E88.9040506@k18.ch> References: <20070604125115.GD7167@pcjas.obspm.fr> <46690E88.9040506@k18.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
Le 08/06/2007 à 10:08:40+0200, Alain Wolf a écrit > Albert Shih wrote, On 06/04/2007 02:51 PM: > > Hi all > > > > Maybe my question is stupid, but is there any possibility to use > > > > -u user (user != root) > > > > in the /etc/rc.conf for launch a jail with a specific user ? For example, > > can we have for any jail a different user ? > > > > Regards. > > > > > Hi Al > Maybe my answer is stupid, but since the idea of a jail should mostly > look like an independent system, there is a root user and any user you > wish *inside* the jail. > > If you would like to have users on the hosting system with the ability > to start and stop their own jails from outisde their jails, I would look > into something like sudo or a web-cgi with a strong authentication and > authorization (maybe webmin does that?). Well It's not my idea.... My idea is : if (maybe very big «if») jail a security breach and the guest system is comprimise maybe if the jail run with another uid this can make the hosting system more secure. I don't known if you understand me, my english is very poor.. Regards. -- Albert SHIH Observatoire de Paris Meudon SIO batiment 15 Heure local/Local time: Ven 8 jui 2007 10:47:51 CEST
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070608085117.GB18265>