[HEADSUP] Disallowing read() of a directory fd

Julian H. Stacey jhs at berklix.com
Fri May 15 18:07:50 UTC 2020


"Poul-Henning Kamp" wrote:
> --------
> In message <202005151504.04FF423p040952 at fire.js.berklix.net>, "Julian H. Stacey
> " writes:
> 
> >No. Root is Root regardless if in a jail or not.
> 
> No.

Thanks, Accepting you mean: power of a root login within a jail is less.

Yes I knew that, but I guess mine above was ambiguous, & more so
without text restored below. I meant root the person, who has to
login & fix various hosts, regardless if they are jails or not.
It's already harder to work in jails; further limitation unwelcome.

> > A root admin of
> > a server in a jail needs full power without waiting days to contact
> > other root human who owns the prison, without wasting human time
> > of jail owner & prison owner formulating email request & considering
> > & enabling requirement.

> See also:  https://papers.freebsd.org/2000/phk-jails/ 

Will do, thanks.

Cheers
--
Julian Stacey, Consultant Systems Engineer, BSD Linux http://berklix.com/jhs/
http://www.berklix.org/corona/#masks  Tie 2 handkerchiefs or 1 pillow case. 
Jobs & economy hit by Corona to be hit again by Crash Brexit 31st Dec. 2020


More information about the freebsd-arch mailing list