From owner-freebsd-net  Fri Dec 15 13:20:43 2000
From owner-freebsd-net@FreeBSD.ORG  Fri Dec 15 13:20:39 2000
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mta4.rcsntx.swbell.net (mta4.rcsntx.swbell.net [151.164.30.28])
	by hub.freebsd.org (Postfix) with ESMTP id 6A72437B6BE
	for <freebsd-net@FreeBSD.ORG>; Fri, 15 Dec 2000 13:19:45 -0800 (PST)
Received: from holly.calldei.com ([208.191.149.190]) by mta4.rcsntx.swbell.net
 (Sun Internet Mail Server sims.3.5.2000.01.05.12.18.p9)
 with ESMTP id <0G5M000B7OFU08@mta4.rcsntx.swbell.net> for
 freebsd-net@FreeBSD.ORG; Fri, 15 Dec 2000 15:16:43 -0600 (CST)
Received: (from chris@localhost) by holly.calldei.com (8.9.3/8.9.3)
 id PAA46685; Fri, 15 Dec 2000 15:16:10 -0600 (CST envelope-from chris)
Date: Fri, 15 Dec 2000 15:15:59 -0600
From: Chris Costello <chris@calldei.com>
Subject: Re: named in a sand box.
In-reply-to: <000701c066db$e8969eb0$1200a8c0@gsicomp.on.ca>
To: Matthew Emmerton <matt@gsicomp.on.ca>
Cc: peter@sysadmin-inc.com, freebsd-net@FreeBSD.ORG
Reply-To: chris@calldei.com
Message-id: <20001215151559.D37756@holly.calldei.com>
MIME-version: 1.0
Content-type: text/plain; charset=us-ascii
User-Agent: Mutt/0.96.4i
References: <002d01c066f4$1ba7a980$46010a0a@sysadmininc.com>
 <000701c066db$e8969eb0$1200a8c0@gsicomp.on.ca>
Sender: chris@holly.calldei.com
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Friday, December 15, 2000, Matthew Emmerton wrote:
> However, with the advent of chroot and the security gains that it provides,
> "sandbox" has been re-defined to mean b) in most cases.

   chroot is not meant as a security mechanism, it was only meant
to change the meaning of "/", originally for building a BSD
release (/usr/share/doc/papers/jail.* on -CURRENT).  Use the jail
mechanism if you need to securely make that sort of "sandbox".

-- 
|Chris Costello <chris@calldei.com>
|Programs: What software used to be, back when we knew how to write it.
`----------------------------------------------------------------------


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message