On Mon, Jan 14, 2002 at 08:30:32PM +0300, zhuravlev alexander wrote:
On Mon, Jan 14, 2002 at 09:42:26AM -0500, Robert Watson wrote:
If the NFS mount is visible in the jail's namespace, then the jailed
processes can access it subject to normal access control restrictions.
However, processes in jail are not permitted to mount, remount, or unmount
filesystems, so any access to NFS must be configured by a process outside
the jail (and preferably, before any untrusted processes run in the jail,
so as to prevent racing and path-based games). Typically, when using NFS
with a jail, I'll do the NFS mounting prior to actually starting the jail.
by the way ...
when it type in jailed box
i saw all filesystems and shares mounted by host system
is this correct ?
u l s t u c t c
To Unsubscribe: send mail to majo...@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message