Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S268340AbUJGWvd (ORCPT ); Thu, 7 Oct 2004 18:51:33 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S269852AbUJGWSo (ORCPT ); Thu, 7 Oct 2004 18:18:44 -0400 Received: from run.smurf.noris.de ([192.109.102.41]:7808 "EHLO server.smurf.noris.de") by vger.kernel.org with ESMTP id S269856AbUJGWRw (ORCPT ); Thu, 7 Oct 2004 18:17:52 -0400 To: linux-kernel@vger.kernel.org Path: not-for-mail From: Matthias Urlichs Newsgroups: smurf.list.linux.kernel Subject: Re: lsm: add bsdjail documentation Date: Fri, 08 Oct 2004 00:17:09 +0200 Organization: {M:U} IT Consulting Message-ID: References: <1097094103.6939.5.camel@serge.austin.ibm.com> <1097094358.6939.13.camel@serge.austin.ibm.com> NNTP-Posting-Host: kiste.smurf.noris.de Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7BIT X-Trace: server.smurf.noris.de 1097187429 31272 192.109.102.35 (7 Oct 2004 22:17:09 GMT) X-Complaints-To: smurf@noris.de NNTP-Posting-Date: Thu, 7 Oct 2004 22:17:09 +0000 (UTC) User-Agent: Pan/0.14.2.91 (As She Crawled Across the Table) X-Face: '&-&kxR\8+Pqalw@VzN\p?]]eIYwRDxvrwEM + echo -n "ip 2.2.2.2" > /proc/$$/attr/exec (optional) Please use RFC private addresses in example code. That being said, bsdjail is a very good idea (which is why we're stealing it from BSD after all ...). It affords lightweight compartmentalization, in other words a chroot-on-steroids, which is exactly what I need to split one box into a couple of mostly-independent realms, and I assume that many ISP/ASP/whatever hosting people will agree. Anyway, that's my vote for adding it to the kernel. -- Matthias Urlichs - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/