-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 A long time ago, in a galaxy far, far way, someone said...
> No. chroot is not safe enough. I want to create virtual boxes in which > I can give root rights to other people and I want to be sure that they > can't break other boxes. The closest Linux comes to FreeBSD's "jail" functionality is User-Mode Linux. The home page is http://user-mode-linux.sourceforge.net/. What it is is a port of the 2.4.x Linux kernel to run as a user-level application. It creates a virtual machine with its own root file system, root password, and so on. The applications running in the virtual machine (eg BIND) have no way of knowing that they are running in a virtual machine. If the application in the VM gets hacked, all the attacker gets to is the simulated root, and has *no* access to the host machine (rather, as much access as the administrator gives the vm). Network access goes over a simulated lan on the host machine using Linux's ethernet tap functionality. - -- - ---------------------------------------------------------------------- Phil Brutsche [EMAIL PROTECTED] GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D 7E5E FD94 D264 50DE 1CFC GPG key id: 50DE1CFC GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6sQQ0/ZTSZFDeHPwRAvasAJsH/jheWQl6MTNJbb9gTvPcxtXO4wCfQKNy /POH7VXL5sqhWtGd2WbI4ac= =6Io3 -----END PGP SIGNATURE-----
