Consider this interest. On Wed, 27 Jan 1999, Poul-Henning Kamp wrote:
> > I'm polishing up the "JAIL" code I wrote and readying it for -current. > > This code provides an optional strenthening of the chroot() jail > as we know it, and will provide safe sandboxes for most practical > uses. > > The biggest impact of this is a new argument to the suser() call > all over the kernel: > > suser(NOJAIL, bla, bla); > or > suser(0, bla, bla); > > The NOJAIL option means that a jailed root fails the test. > > I will add this extra arg to suser() in the first commit. > > Each Jail can optionally be assigned one IP number, which they > have access to. All connections to and from that jail will > use that IP#. > > If there is interest, this code will be merged to 3.1 as well. > > This work was sponsored by: www.servetheweb.com > > -- > Poul-Henning Kamp FreeBSD coreteam member > p...@freebsd.org "Real hackers run -current on their laptop." > FreeBSD -- It will take a long time before progress goes too far! > > To Unsubscribe: send mail to majord...@freebsd.org > with "unsubscribe freebsd-current" in the body of the message > To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-current" in the body of the message
