On Mon, Jan 31, 2005 at 01:29:24PM -0600, [EMAIL PROTECTED] wrote: > Very nice idea!! This greatly improves jail management on FreeBSD. There > is a possibility for a minor drawback -- if one can change a system binary > in the host system, them all jails are compromised -- but assuming one > would need root access on the host to change the binary, he would have > power to change any jail anyway, so this is rather redundant. > > Great feature here, when can we see this added to the system?
BTW, people are using setups like this for years. > >> I have already done some experiments. Basically we want the following > >> directories to be mount_null'ed: > >> /bin, /sbin, /lib, /libexec, /usr/bin, /usr/sbin, /usr/include, > >> /usr/lib, /usr/libdata, /usr/libexec, /usr/sbin, /usr/share -- Paweł Małachowski _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
