Re: Idea about 'skeleton jail

Frank == Frank Knobbe [EMAIL PROTECTED] writes: Frank If you nullfs these directories, you loose the ability to Frank prune the jail. Pruning is part of system hardening. I'd May be it's better to use unionfs, so anybody can replace binaries with their stub version pre jail. -- DSS5-RIPE

Re: the current status of nullfs, unionfs

Kris == Kris Kennaway [EMAIL PROTECTED] writes: Kris nullfs seems to work fine, unionfs is very fragile and easily Kris exploded. nullfs is absolutely useless for jail's because TOO slow. -- DSS5-RIPE DSS-RIPN 2:550/[EMAIL PROTECTED] 2:550/[EMAIL PROTECTED] mailto:[EMAIL PROTECTED]

Re: the current status of nullfs, unionfs

Kris == Kris Kennaway [EMAIL PROTECTED] writes: Kris nullfs seems to work fine, unionfs is very fragile and easily Kris exploded. nullfs is absolutely useless for jail's because TOO slow. -- DSS5-RIPE DSS-RIPN 2:550/[EMAIL PROTECTED] 2:550/[EMAIL PROTECTED] mailto:[EMAIL PROTECTED]