Date: Fri, 16 Nov 2007 17:57:19 +1100 From: Norberto Meijome <freebsd@meijome.net> To: Erik Cederstrand <erik@cederstrand.dk> Cc: Matt Fioravante <fmatthew5876@gmail.com>, freebsd-questions@freebsd.org Subject: Re: Jails and multicore boxes Message-ID: <20071116175719.67457ce4@meijome.net> In-Reply-To: <473B3C56.5020103@cederstrand.dk> References: <3eca10930711140740gb8c2b88v6a13795c41e3eafb@mail.gmail.com> <473B3C56.5020103@cederstrand.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 14 Nov 2007 19:20:06 +0100
Erik Cederstrand <erik@cederstrand.dk> wrote:
> You'll have to answer that yourself. How valuable is your data? What are
> you trying to protect? If you're worrying about getting cracked and used
> as a spam bot, jails are no more secure than a non-jail system.
Maybe some qualification is needed here.
If your mail jail gets broken into, then it will still be used as a spambot.
But your host (the machine in which your jails run in) wouldn't have been compromised, necessarily, by the fact that the jail got compromised. Having root on a jail (if that's what we are talking about by 'compromised' ) shouldn't affect your host machine. Unless there is some other vulnerability that can be used, of course.
B
_________________________
{Beto|Norberto|Numard} Meijome
"The more I see the less I know for sure."
John Lennon
I speak for myself, not my employer. Contents may be hot. Slippery when wet. Reading disclaimers makes you go blind. Writing them is worse. You have been Warned.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20071116175719.67457ce4>