« Previous 1 2 3 4
How to configure and use jailed processes in FreeBSD
Safely Behind Bars
Conclusions
The jail solution on FreeBSD is not only a security concept, it also provides a small virtualization solution. It gives data center administrators a powerful tool and allows Internet service providers to offer a root shell to their customers. The model's design ensures full security.
Jails also offer administrators on home networks a significant security advantage, for example, by locking up the DNS service and a web browser in a jail. These features all demonstrate that jails on FreeBSD can provide a genuine benefit with versatile applications.
Infos
- FreeBSD Handbook: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/
- Nemeth, Evi, et al. Unix and Linux System Administration Handbook , 4th Edition. Prentice Hall. 2010.
- Sarmiento, Evan. "The Jail Subsystem," Chapter 4, in FreeBSD Architecture Handbook: http://www.freebsd.org/doc/en_US.ISO8859-1/books/arch-handbook/jail.html
- Kamp, Poul-Henning, and Robert N.M. Watson, "Jails: Confining the omnipotent root": http://www.watson.org/~robert/freebsd/sane2000-jail.pdf
- McKusick, Marshall Kirk, and George V. Neville-Neil. The Design and Implementation of the FreeBSD Operating System , Chapter 4: The Jail Facility in FreeBSD 5.2. Addison-Wesley. 2004.
- Man pages: jail(8), jexec(8), jls(8), killall(1), ipfw(8), ezjail-admin(1), mount_nullfs(8)
- ISC DHCP daemon: http://www.isc.org/index.pl
- Postfix MTA: http://www.postfix.org
- FreeBSD Forums: http://forums.freebsd.org/
- PF packet filter manual: http://www.openbsd.org/faq/pf/
« Previous 1 2 3 4
Buy ADMIN Magazine
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.