I've been comparing FreeBSD with OpenBSD as of late for the role of web
server. I generally prefer OpenBSD because I find it easier to use (I
like finding the configs for my installed applications in /etc not
/usr/local/etc among other things) however, jail()-from what I've
read-seems to be superior to chroot(), which leads me to my question:
why isn't jail() implemented in OpenBSD? It does look like a massive
undertaking would be needed to implement it, but code auditing is also a
big undertaking as well(unless I am mistaken).
I've checked the man pages and the archives and I didn't find the
answers there (it's possible that I overlooked them too).
- Jail() vs. chroot() A Rossi
- Re: Jail() vs. chroot() Wijnand Wiersma
- Re: Jail() vs. chroot() Ted Unangst
