View | Details | Raw Unified | Return to bug 179988
Collapse All | Expand All

(-)en_US.ISO8859-1/books/faq/book.xml (+15 lines)
Lines 5889-5894 Link Here
5889
	    it serves to firewall the process off from processes owned
5889
	    it serves to firewall the process off from processes owned
5890
	    by other users.  The user ID is also used to firewall
5890
	    by other users.  The user ID is also used to firewall
5891
	    off on-disk data.</para>
5891
	    off on-disk data.</para>
5892
5893
	  <para>In addition to process and userid sandboxes offered by
5894
	    the &unix; operating system, &os; provides the &man.jail.8;
5895
	    feature, a secure, fast implementation of <ulink
5896
	      url="https://en.wikipedia.org/wiki/Operating_system-level_virtualization">
5897
	      operating system-level virtualization</ulink>. This
5898
	    allows a single &os; computer to run one or more guest &os;
5899
	    system images with their own users, IP addresses, and
5900
	    processes. Unlike &man.chroot.8;-based sandboxing,
5901
	    processes are permanently confined to the jail they were
5902
	    started in (including those owned by the jail's root user),
5903
	    and cannot affect processes in other jails or the host
5904
	    system. While the &man.jail.8; feature is unique to &os;, it
5905
	    is similar to Solaris Zones, AIX Workload Partitions, and
5906
	    Linux Containers.</para>
5892
	</answer>
5907
	</answer>
5893
      </qandaentry>
5908
      </qandaentry>

Return to bug 179988