Date: Tue, 09 Nov 1999 14:04:38 -0700 From: Warner Losh <imp@village.org> To: Jamie Bowden <ragnar@sysabend.org> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: Should jail treat ip-number? Message-ID: <199911092104.OAA01171@harmony.village.org> In-Reply-To: Your message of "Tue, 09 Nov 1999 05:29:51 PST." <Pine.BSF.4.10.9911090527520.39794-100000@moo.sysabend.org> References: <Pine.BSF.4.10.9911090527520.39794-100000@moo.sysabend.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.BSF.4.10.9911090527520.39794-100000@moo.sysabend.org> Jamie Bowden writes: : What does jail do that chroot doesn't? I've seen several discussions on : jail on -hackers, but no explanation of why it was implemented, or how : it's different from chroot. It restricts root's ability to do things which would otherwise allow, amoung other things, it to climb out of a chroot'd directory. It also doesn't allow root to create device entries, which helps to keep your data safer. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199911092104.OAA01171>