jailkit-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] rsync files

From: Bas Jansen
Subject: Re: [Jailkit-users] rsync files
Date: Thu, 05 Jan 2006 09:13:32 +0100 
No it's quite different (if you meant the first version), on the server
sides you now have a read only mount (bind in the 1 i spread out, might
switch to loopback to save on disk space) that only contains the setuid
rooted rsync, the libraries and the etc user file (for just that jail
user). Then there is a no-dev, no-suid, no-exec writeable mount mounted
under that other mount as /data where the stuff is actually written.

This means that you can't read device files from the backup, can't
modify any files that  are used in the jail itself since they are
read-only.

Hope that explains a bit? ... i should draw a simple model of it some
time to make it easily visible i guess :P

Greetings,
Bas

On Wed, 2006-01-04 at 23:18 +0100, Olivier Sessink wrote:
> Bas Jansen wrote:
> 
> > THIS way i am more convinced that it's (near?) unbreakable....
> 
> what exactly is more unbreakable than your previous setup? it's the same
> idea on the server, right?
> 
> Olivier
> 
> 
> _______________________________________________
> Jailkit-users mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/jailkit-users
reply via email to
[Prev in Thread] Current Thread [Next in Thread]