Subject: Re: Jail For NetBSD
To: NetBSD Kernel <>
From: Sascha Retzki <>
List: tech-kern
Date: 12/06/2004 18:56:00
On Mon, Dec 06, 2004 at 05:46:15PM +0100, The Black Hacker wrote:
> Of course yes: it all can be done also with chroot + systrace or well 
> done mandatory access control policies but.... a jail is a nice setup 
> that an average sysadm can have in production in half an hour...

Well, what I think about this is:
If you can have all the stuff you counted with chroot +systrace + xen + ACL (
did you mean ACLs? "access control policies"), Then it would be great to write
a guide + shell-scripts or something.

So, In my opinion:
"The NetBSD-point-of-view is to provide a general API/facility, that you could 
also use for different things."

Jails *are* cool, I'd love to use this thing on NetBSD.
If I can do all that with chroot +sys....., I am ok with writting a guide +
writting some tools and do that myself, rather then, sorry, mess up the OS,
write programms that just lead to "servers" and sys-admins-needs, and forget
what an unix-OS is... .

Just my 2 cents,

Sascha Retzki