Date: Fri, 15 Dec 2000 15:55:04 -0500 (EST) From: Rob Simmons <rsimmons@wlcg.com> To: Peter Brezny <peter@sysadmin-inc.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: named, _sandbox_ and chroot? Message-ID: <Pine.BSF.4.21.0012151551490.92637-100000@mail.wlcg.com> In-Reply-To: <002801c066ef$415e7460$46010a0a@sysadmininc.com>
next in thread | previous in thread | raw e-mail | index | archive | help
A chrooted environment is a sandbox. There are two effective methods of creating a sandbox in FreeBSD. You can chroot a process, which changes the root directory that the process has access to, and you must provide all the resources/libraries/binaries that it would need inside of that directory. Another way is to create a jail, which is essentially a virtual machine running its own entire copy of FreeBSD. The details of doing this are very well laid out in the man page jail(8). Robert Simmons Systems Administrator http://www.wlcg.com/ On Fri, 15 Dec 2000, Peter Brezny wrote: > If you are running named in a sand box, is it advisable to run it in a > chrooted enviroment as well? > > Why or why not? > > TIA > > Peter Brezny > SysAdmin Services Inc. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0012151551490.92637-100000>