From owner-freebsd-security Mon Aug 6 4:40:41 2001 Delivered-To: freebsd-security@freebsd.org Received: from unity.agava.ru (unity.agava.ru [213.59.3.227]) by hub.freebsd.org (Postfix) with ESMTP id 62B1937B403 for ; Mon, 6 Aug 2001 04:40:39 -0700 (PDT) (envelope-from frank@agava.com) Received: from relay2.agava.net.ru (unknown [193.125.142.2]) by unity.agava.ru (Postfix) with ESMTP id 2644927E849; Mon, 6 Aug 2001 15:40:33 +0400 (MSD) Received: from gw.office.agava.ru (2.oivt.mipt.ru [193.125.142.2]) by relay2.agava.net.ru (Postfix) with ESMTP id 7377F43854; Mon, 6 Aug 2001 15:39:56 +0400 (MSD) Received: from hellbell.domain (hellbell.domain [192.168.1.12]) by gw.office.agava.ru (Postfix) with ESMTP id E9A706087; Mon, 6 Aug 2001 15:39:42 +0400 (MSD) Received: from localhost (localhost [127.0.0.1]) by hellbell.domain (Postfix) with ESMTP id 968DDCCE5; Mon, 6 Aug 2001 15:39:42 +0400 (MSD) Date: Mon, 6 Aug 2001 15:39:42 +0400 (MSD) From: Alexey Zakirov X-X-Sender: To: Paulo Fragoso Cc: Subject: Re[2]: SSHD in JAIL In-Reply-To: <20010806082311.E84271-100000@mirage.nlink.com.br> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 6 Aug 2001, Paulo Fragoso wrote: > I was thinking if jail dir mounted on file system with "nodev" it will > more secure. Anyone colud acess any disks in the jails enviroment. Is it > all right? yes, but you don't have to create all those disk device nodes. And of course you can't create a device node inside jail itself. *** WBR, Alexey Zakirov (frank@agava.com) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message