On Mon, 31 Jan 2011 17:43:30 -0500 Dustin Cannon <dustin.can...@gmail.com> wrote:
> Perhaps it's just a matter of > someone being interested enough to take the plunge? And decide whether they think it's worthwhile or more important than other things to work on. The FreeBSD jail is quite quite cool in some respects, and very very occasionally I've thought that might be quite handy. Systrace can still be useful for security, but not in the original way intended and so needs a lot more patience and understanding because yes there is the race issue which niels provos wanted fixing in the kernel. I've read this would take a lot of work, never mind adding all the rest. I would say systrace by itself would be the more useful part. Especially as the perfect jail equals a hw seperated system, which is much easier and won't waste leckie if you have the luxury of choosing hardware. So would a complete jail system be close to a waste of time?
