On 3/26/06, A Rossi <[EMAIL PROTECTED]> wrote: > I've been comparing FreeBSD with OpenBSD as of late for the role of web > server. I generally prefer OpenBSD because I find it easier to use (I > like finding the configs for my installed applications in /etc not > /usr/local/etc among other things) however, jail()-from what I've > read-seems to be superior to chroot(), which leads me to my question: > why isn't jail() implemented in OpenBSD? It does look like a massive > undertaking would be needed to implement it, but code auditing is also a > big undertaking as well(unless I am mistaken). > I've checked the man pages and the archives and I didn't find the > answers there (it's possible that I overlooked them too).
Jail really is nice, but you can accomplish the same thing when using chroot + systrace if you just want a single running service per virtual jail. You can make it even tighter then a jail. But ok, it is a lot of work, jails make it easy to implement virtual servers. It is a nice feature, but I don't miss it on OpenBSD. Wijnand -- OpenBSD needs your help improving the softwareworld, please donate: http://openbsd.org/donations.html Yes big code using companies, that includes you!
