V_* meta-symbols and locking
Marko Zec
zec at icir.org
Wed Jun 18 19:57:01 UTC 2008
On Wednesday 18 June 2008 21:46:38 James Gritton wrote:
> Marko Zec wrote:
> > The only thing I'd like to have
> > as an option is to be able to spawn a new process in the target VM
> > _without_ making it chrooted...
>
> If you mean creating a jail that's not chrooted, that's no problem.
> If you mean creating a jail that *is* chrooted, and then placing a
> process into that jail without chrooting it, that would be a breakage
> of the jail paradigm. Hopefully you mean the former?
No, I want the later, as an option. Given that the parent environment /
jail completely controls the child anyhow, I don't think such an
(optional) behavior would be too big a security issue.
Marko
More information about the freebsd-virtualization
mailing list