[HEADSUP] Disallowing read() of a directory fd
Julian H. Stacey
jhs at berklix.com
Fri May 15 18:07:50 UTC 2020
"Poul-Henning Kamp" wrote:
> --------
> In message <202005151504.04FF423p040952 at fire.js.berklix.net>, "Julian H. Stacey
> " writes:
>
> >No. Root is Root regardless if in a jail or not.
>
> No.
Thanks, Accepting you mean: power of a root login within a jail is less.
Yes I knew that, but I guess mine above was ambiguous, & more so
without text restored below. I meant root the person, who has to
login & fix various hosts, regardless if they are jails or not.
It's already harder to work in jails; further limitation unwelcome.
> > A root admin of
> > a server in a jail needs full power without waiting days to contact
> > other root human who owns the prison, without wasting human time
> > of jail owner & prison owner formulating email request & considering
> > & enabling requirement.
> See also: https://papers.freebsd.org/2000/phk-jails/
Will do, thanks.
Cheers
--
Julian Stacey, Consultant Systems Engineer, BSD Linux http://berklix.com/jhs/
http://www.berklix.org/corona/#masks Tie 2 handkerchiefs or 1 pillow case.
Jobs & economy hit by Corona to be hit again by Crash Brexit 31st Dec. 2020
More information about the freebsd-arch
mailing list