chroot and /dev
Kris Kennaway
kris at obsecurity.org
Thu Dec 15 19:23:41 PST 2005
On Thu, Dec 15, 2005 at 07:18:11PM +0000, Dieter wrote:
> How does one provide one or two devices, e.g. /dev/null
> for a chroot environment?
>
> Device nodes created by mknod do not work.
>
> mount_devfs creates an entire device tree, negating
> the security of the chroot.
See the jail manpage (jail is better than chroot if security is your
goal).
Kris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20051215/d25e7dfb/attachment.bin
More information about the freebsd-questions
mailing list