Subject: Re: Preventative security features?
To: None <tech-security@netbsd.org>
From: Sascha Retzki <lantis@neilmathers.co.uk>
List: tech-security
Date: 11/13/2004 08:20:21

On Sat, Nov 13, 2004 at 04:45:38PM +1100, Dmitri Nikulin wrote:
> One thing that is definitely a very good privacy/security feature is 
> what FreeBSD implemented that can prevent users seeing the PIDs (or 
> indeed any info) of processes they don't own, via ps or top or whatever 
> else. Nobody can argue that this is a Good Thing on a shared shell 
> server. Whether or not this is easy to implement cleanly is another matter.



A question: is that the default behavior or because of their jail-stuff?
And, heh, what do you say about jails? My impression was that half of the
effects are "reproducible" with tools we already have, I end up with "virtual
servers", so a user logs in via ssh on 192.168.0.2, and it looks like he owns
the machine, he is root and so on but indeed it's just a "chroot'ed and 
systrace'd working environment" which is represented to the host system as a 
file.