On Monday 13 September 2010 08:16:00 pm you wrote: > On Mon, 13 Sep 2010, Sebastian Reitenbach wrote: > > Hi, > > > > attached a tarball for an new port: security/jailkit: > > > > Jailkit is a set of utilities to limit user accounts to specific > > files using chroot() and or specific commands. Setting up a chroot > > shell, a shell limited to some specific command, or a daemon inside > > a chroot jail is a lot easier and can be automated using these utilities. > > > > Its a fresh release containing the fixes regarding packaging I had > > reported upstream. > > > > please review/comment or even OK to check in? > > Please consider this older port of mine and check whether there are > things worth merging. There is indeed a bunch of stuff worth merging.
> > Also are jk_uchroot and jk_chrootsh usefull without the setuid bit? I > mean if we are forced to run chmod ... to get a useful port anyway, we > could do it in the PLIST and just add a warning to MESSAGE instead. They are not useful without. I thought a warning might be forgotten, and forcing the administrator doing it manually would be a bit "more secure". But I could also do like you suggested. I'll update the tarball. Sebastian
