|
Lines 53-58
Link Here
|
| 53 |
The user name from jailed environment as whom the |
53 |
The user name from jailed environment as whom the |
| 54 |
.Ar command |
54 |
.Ar command |
| 55 |
should run. |
55 |
should run. |
|
|
56 |
.Sh DESIGN NOTES |
| 57 |
Administrator have to be aware that non-jailed users |
| 58 |
can kill processes owned by the same UID that are |
| 59 |
running in jail environments. It is suggested that |
| 60 |
the administrators do not create user accounts outside |
| 61 |
the jail enviornments with the same UIDs as the accounts |
| 62 |
inside the jail. Exactly same problem exists with file |
| 63 |
system objects and this can't be sloved in this way, |
| 64 |
because no information about jail exists in file's inode |
| 65 |
and users outside of jail are not chrooted. |
| 66 |
|
| 67 |
If administrator is running virtual servers with jail and |
| 68 |
with regular users inside those virtual servers, it is |
| 69 |
recommended that there should be no users accounts on this |
| 70 |
machine outside the jail environments. |
| 71 |
|
| 72 |
This above is an expected behavior. |
| 56 |
.Sh SEE ALSO |
73 |
.Sh SEE ALSO |
| 57 |
.Xr jail_attach 2 , |
74 |
.Xr jail_attach 2 , |
| 58 |
.Xr jail 8 , |
75 |
.Xr jail 8 , |