#define quoting(Poul-Henning Kamp)
// I'm polishing up the "JAIL" code I wrote and readying it for -current.
//
// This code provides an optional strenthening of the chroot() jail
// as we know it, and will provide safe sandboxes for most practical
// uses.
//
// The biggest impact of this is a new argument to the suser() call
// all over the kernel:
//
// suser(NOJAIL, bla, bla);
// or
// suser(0, bla, bla);
//
// The NOJAIL option means that a jailed root fails the test.
Do you have a list of which tests will receive this option ?
// I will add this extra arg to suser() in the first commit.
//
// Each Jail can optionally be assigned one IP number, which they
// have access to. All connections to and from that jail will
// use that IP#.
This looks interesting. How would you specify the IP to use ?
Jonny
--
Joao Carlos Mendes Luis M.Sc. Student
[email protected] Universidade Federal do Rio de Janeiro
"This .sig is not meant to be politically correct."
To Unsubscribe: send mail to [email protected]
with "unsubscribe freebsd-current" in the body of the message
