"Jacques A. Vidrine" wrote:
> On Mon, Aug 04, 2003 at 10:53:03AM -0700, Terry Lambert wrote:
> > You would either lose or overexpose root-restricted functionality,
> > such as flood-ping.
>
> Eh? Why? pingd can know your credentials.

Through the credential passing? I thought that wasn't reliable for this type of thing. Specifically, the jail would be in an untrusted protection domain; if you just accepted the credential blindly, then anyone could be root in the jail, and you could not trust it. If you didn't accept it blindly, then regular root loses existing functionality.

I'm pretty sure that, at least the last time I looked at it, the credential passing code didn't pass information about jail status. Yeah, it's doable, but it's not as small an amount of work as this discussion so far has implied. Mostly, certain capabilities are going to end up lost.

BTW: the main reason for a pingd when dealing with jails isn't about increased security, it's about routing the responses to the appropriate sender. The way Novell dealt with this in IPX was to define an internal network interface that was routed from other internal network interfaces: in effect, they added an internal router hop.

-- Terry

Received on Tue Aug 05 2003 - 01:56:52 UTC