Subject: Re: chroot(2)
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Simon J. Gerraty <sjg@quick.com.au>
List: tech-kern
Date: 10/04/1998 22:27:39
der Mouse writes:
> > I hate having to start proxies as root _just_ so they can chroot(2).
> 
> Yeah...I tend to use chroot(8) to do the chroot, then have a tiny

But you still need to start as root.  I'm talking about code I
basically trust, that I would prefer to start from inetd as nobody
rather than root.

matthew green <mrg@eterna.com.au> writes:
> personally, i've hacked chroot(8) to take -u, -g and -G arguments to
> set the user, group and group list of the process run in the chroot.

This sounds like a good idea.

I still like the idea of being able to disable syscalls for a process
and its children.  I think it would be worthwhile though to avoid
limiting the feature to non-root chroot(2)'d processes.  Though I'm
not suggesting that MLS is necessary (the hacks I mentioned mjr
referring to were to demonstrate how trivial it is to achieve much of
what MLS promises).

--sjg
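
The sequence discussed in this thread (chroot while privileged, then set the group list, group and user) as an added C illustration; it is not code from this message or from the modified chroot(8) mentioned above. The helper names and the 65534 "nobody" id are assumptions.

```c
#define _DEFAULT_SOURCE
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper. Order matters: chroot(2) and setgroups(2) need
 * privilege, so they run first; setgid(2) next; setuid(2) last. */
int chroot_and_drop(const char *dir, uid_t uid, gid_t gid,
                    const gid_t *groups, size_t ngroups)
{
    if (chroot(dir) != 0) return -1;      /* EPERM unless privileged */
    if (chdir("/") != 0) return -1;       /* no cwd left outside the new root */
    if (setgroups(ngroups, groups) != 0) return -1;  /* group list (-G) */
    if (setgid(gid) != 0) return -1;      /* group (-g), still privileged here */
    if (setuid(uid) != 0) return -1;      /* user (-u), gives up root */
    /* Verify the drop is permanent: regaining uid 0 must fail. */
    if (uid != 0 && setuid(0) == 0) return -1;
    return 0;
}

/* Run the sequence in a child so the caller is unaffected.
 * Returns 0 if the child ended up confined and unprivileged, 1 if any
 * step failed (e.g. not started as root), -1 if fork/wait failed. */
int try_confined(const char *dir, uid_t uid, gid_t gid)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        gid_t groups[1] = { gid };
        _exit(chroot_and_drop(dir, uid, gid, groups, 1) == 0 ? 0 : 1);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    /* 65534 is a constructed stand-in for the "nobody" uid/gid. */
    int r = try_confined("/", 65534, 65534);
    printf("%s\n", r == 0 ? "confined and unprivileged"
                          : "could not confine (need root to chroot)");
    return r == 0 ? 0 : 1;
}
```

Started as an unprivileged user, the first step fails and the helper reports it, which is the limitation the thread is about.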