Jen pro doplneni:
---------------------
Processes within the jail will find that they are unable to interact or
even verify the existence of processes outside the jail -- processes
within the jail are prevented from delivering signals to processes
outside the jail, as well as connecting to those processes with
debuggers, or even see them in the sysctl or process file system
monitoring mechanisms. Jail does not prevent, nor is it intended to
prevent, the use of covert channels or communications mechanisms via
accepted interfaces -- for example, two processes may communicate via
sockets over the IP network interface. Nor does it attempt to provide
scheduling services based on the partition; however, it does prevent
calls that interfere with normal process operation.
---------------------
Kirk McKusick, ;login: The USENIX Magazine, 2004, Volume 29, Number 4
http://www.usenix.org/publications/login/2004-08/pdfs/mckusick.pdf
Takze zalezi, jestli IPC je nebo ma byt "accepted interface" ...
Dan
--
FreeBSD mailing list (users-l@freebsd.cz)
http://www.freebsd.cz/listserv/listinfo/users-l
