Re: chroot() break



> I'd note that "jail is in principle a good idea, but hard to do and not worth
> developer time at the moment" would also be convincing.  But when we see
> FreeBSD create what looks like a stronger chroot, and we ask why OpenBSD
> doesn't copy this stronger chroot, especially as OpenBSD has no objection to
> using chroot itself, then asserting that jail doesn't do any good isn't
> convincing.  

Things like jail and chroot are just subsets of the full power of a
Trusted system.  I personally think that OpenBSD is right to not
bother with jail, etc.  Either we should go all the way with a trusted
system, or we should just stick with plain old Unix.

I'm following the TrustedBSD project (www.trustedbsd.org) and also the
eros project (www.eros-os.org) closely, because I think this kind of
thing is the next step in security.  If you could combine these new
security designs with OpenBSD's incredible code quality, wow.