Date: Fri, 15 Dec 2000 15:15:59 -0600 From: Chris Costello <chris@calldei.com> To: Matthew Emmerton <matt@gsicomp.on.ca> Cc: peter@sysadmin-inc.com, freebsd-net@FreeBSD.ORG Subject: Re: named in a sand box. Message-ID: <20001215151559.D37756@holly.calldei.com> In-Reply-To: <000701c066db$e8969eb0$1200a8c0@gsicomp.on.ca> References: <002d01c066f4$1ba7a980$46010a0a@sysadmininc.com> <000701c066db$e8969eb0$1200a8c0@gsicomp.on.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Friday, December 15, 2000, Matthew Emmerton wrote: > However, with the advent of chroot and the security gains that it provides, > "sandbox" has been re-defined to mean b) in most cases. chroot is not meant as a security mechanism, it was only meant to change the meaning of "/", originally for building a BSD release (/usr/share/doc/papers/jail.* on -CURRENT). Use the jail mechanism if you need to securely make that sort of "sandbox". -- |Chris Costello <chris@calldei.com> |Programs: What software used to be, back when we knew how to write it. `---------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001215151559.D37756>