Hello hackers! I've a few questions about jail(8) and hope you'll be so kind to answer them =)
First of all: Why is procfs(5) required inside a jail (speaking about 5.x and 6) ? " As procfs is considered deprecated due to its inherent security risks",why should it be used inside a jail? Second question: why does an "ifconfig" from inside a jail list every network card present in the host system? Wouldn't it be better if only lo0 and the interface with the jail IP are listed ? I think it will, because it's my personal opinion (please refute me, I can be wrong) that one jail's purpouses is to fool the jail users, making them believe that they are inside a real system. I came to this conclusion reading about security.jail.getfstatroot_only in jail(8). Thank you in advance for your replies. Best Regards -- Rionda aka Matteo Riondato GUFI Staff Member (http://www.gufi.org) FreeSBIE Developer (http://www.freesbie.org) BSD-FAQ-it Main Developer (http://www.gufi.org/~rionda) Sent from: kaiser.sig11.org running FreeBSD-6.0-CURRENT
signature.asc
Description: Questa parte del messaggio =?ISO-8859-1?Q?=E8?= firmata