Hi,
I've been using FreeBSD and it's jail system to power my server needs. One jail for the database server, providing a unix socket that is null mounted at other jails with webservers, mainly. As I don't find many readings about this kind of setup in NetBSD, I'd like to know what do you do regarding the need to secure a database server, a webserver with php, for example. Do you chroot each service? Use ldd to find the missing components for the services to run? Do it all by hand or is there an automation tools that helps? How about the network stuff? With jails and pf I can route some traffic to a specific jail running some service. How do you manage this in NetBSD land? -- Luis Mendes
