On Mon, May 5, 2014 at 1:58 PM, Erich Dollansky <erichsfreebsdl...@alogt.com > wrote:
> Hi, > > I do some experimenting with jails at the moment on a FreeBSD 10.0 > machine. The jails are all setup manually according to the handbook and > man jail. Each jail gets a name and an IP address. Individual ports are > then installed via the ports tree. > > X is running on the host system. Telnet is used to connect to the jails. > > When I install now firefox in a jail and also in the host system, I get > the following behaviour. > > Scene A > > Firefox runs already on the host system. I start then firefox inside > the jail firefox. It all seems fine as long as I do not use the history > or want to save the visited page. The jailed firefox sees then the > history of the firefox running on the host. > > Scene B > > Firefox is first started inside the jail firefox. When then the host > system also starts a firefox, this firefox sees now the history and the > filesystem of the jailed firefox. > > Is it X that allows the jailed firefox to communicate directly with > firefox running directly on the host? > > Is there then a way to secure the system? > > I have tried then programs like gedit or kate and saw only the > behaviour I expected. Both programs either saw only resources from > inside the jail or from outside but never resources from the other side > of the fence. > > Erich > Firefox is a strange beast in regarads to running it on a remote host. It needs to be started as firefox --no-remote to not find "local running" instance and connect to it. How that happens I don't know... Best regards Andreas _______________________________________________ freebsd-jail@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-jail To unsubscribe, send any mail to "freebsd-jail-unsubscr...@freebsd.org"
