Date: Mon, 15 May 2000 19:17:35 +0200 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: Geoffrey Robinson <geoff@grobin.org> Cc: security@FreeBSD.ORG Subject: Re: Jail: Problems? Proper Usage? Status? Practicality? Message-ID: <6177.958411055@critter.freebsd.dk> In-Reply-To: Your message of "Mon, 15 May 2000 12:53:42 EDT." <Pine.BSF.4.10.10005151143580.75260-100000@grobin.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>I have setup a test jail on my workstation with good results. The first >problem I have found is that I can't access the jailed IP at all from the >host system, nor the host system from the jailed one. However both host >and jailed IPs are accessible to other machines on the network. Is this >intentional? Sounds like some kind of configuration error in your end. It works fine for me. In general it is best to add the IP aliases to the lo0 interface. >Finally how secure is jail really? I don't know of any way to escape. There are a few known things where someone in a jail can make a nuisance of themselves, but not a way for them to break out. >Is jail still under active development? I would call it "under normal maintenance", there are no planned new features on the way. >Is it worth the trouble to do any of this? Now how would *I* know ? :-) -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD coreteam member | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6177.958411055>