Re: NetBSD Jails

To: "Aaron B." <aaron%zadzmo.org@localhost>
Subject: Re: NetBSD Jails
From: "Jeremy C. Reed" <reed%reedmedia.net@localhost>
Date: Mon, 18 May 2020 19:22:51 -0500 (CDT)

On Sat, 16 May 2020, Aaron B. wrote:

> It also doesn't solve the ultimate issue here, which is isolation: a
> user (in the kernel sense of user, not necessary a human logged in via
> SSH) in one chroot could run 'ls' or equivalant syscalls and see
> activity inside a different chroot.

Assuming this is a typo, please see the
security.curtain=1 sysctl.

For details, read manuals:
security(7)
secmodel_extensions(9)
sysctl(7)

References:
- NetBSD Jails
  - From: Julien Savard
- Re: NetBSD Jails
  - From: Aaron B.
- Re: NetBSD Jails
  - From: Greg A. Woods
- Re: NetBSD Jails
  - From: Aaron B.
- Re: NetBSD Jails
  - From: Greg A. Woods
- Re: NetBSD Jails
  - From: Aaron B.

Prev by Date: Re: NetBSD Jails
Next by Date: Re: NetBSD Jails
Previous by Thread: Re: NetBSD Jails
Next by Thread: Re: NetBSD Jails
Indexes:

Home | Main Index | Thread Index | Old Index