Yoshinobu Inoue wrote:
>
> -As already commented, checking those addresses which
> already specified by other jail'ed processes is necessary.
I disagree. The address is specified by the admin of the machine.
Letting him shoot himself in the foot is not particular bad, and the
test can be performed by the userland tools used to manage the
machine.
> solution:
> Don't specify addresses via jail(2), and let kernel select
> any non binded address.
> Loop in_ifaddr list and try in_pcblookup_hash() for each
> of addresses, just as in_pcbbind does it to search for non
> binded port.
>
> A weak point of this solution is that processes in a same jail
> won't be necessariliy binded to a same address, but does it
> matters?
Ok, question: I "buy" a virtual server on the machine to run an
internet daemon of mine. I need the IP to that server to access the
daemon. How do the admin of the machine ensures that _my_ jail will
have the fixed IP assigned to me always with your solution?
--
Daniel C. Sobral (8-DCS)
[EMAIL PROTECTED]
[EMAIL PROTECTED]
"Then again maybe not going to heaven would be a blessing. Relkin
liked a certain amount of peace and harmony, since there'd been a
pronounced shortage of them in his own life; however, nothing but
peace and harmony, forever and forever? He wasn't sure about that.
And no beer? Very dubious proposition."
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
