diff options
| author | Giorgos Keramidas <keramida@FreeBSD.org> | 2002-02-14 13:40:06 +0000 |
|---|---|---|
| committer | Giorgos Keramidas <keramida@FreeBSD.org> | 2002-02-14 13:40:06 +0000 |
| commit | c3bb194e6ffbfae565cebab542f919b6b1d8df6a (patch) | |
| tree | f6e2fab7e489ab99319181f69f463df3f592fe6d | |
| parent | 96d4dfa27304708574d937fbb8aadd5e97d7c722 (diff) | |
Notes
| -rw-r--r-- | en_US.ISO8859-1/books/arch-handbook/jail/chapter.sgml | 10 | ||||
| -rw-r--r-- | en_US.ISO8859-1/books/developers-handbook/jail/chapter.sgml | 10 |
2 files changed, 10 insertions, 10 deletions
diff --git a/en_US.ISO8859-1/books/arch-handbook/jail/chapter.sgml b/en_US.ISO8859-1/books/arch-handbook/jail/chapter.sgml index d9647953f1..df99e3e2a4 100644 --- a/en_US.ISO8859-1/books/arch-handbook/jail/chapter.sgml +++ b/en_US.ISO8859-1/books/arch-handbook/jail/chapter.sgml @@ -24,13 +24,13 @@ damage caused by an attacker. Specifically, one of these functions is called secure levels. Similarly, another function which is present from FreeBSD 4.0 and onward, is a utility called - &man.jail.8;. <application> - <application>jail</application></application> chroots an + &man.jail.8;. <application>Jail</application> chroots an environment and sets certain restrictions on processes which are forked from within. For example, a jailed process cannot affect processes outside of the jail, utilize certain system calls, or - inflict any damage on the main computer. - <application>Jail</application> is becoming the new security + inflict any damage on the main computer.</para> + + <para><application>Jail</application> is becoming the new security model. People are running potentially vulnerable servers such as Apache, BIND, and sendmail within jails, so that if an attacker gains root within the <application>Jail</application>, it is only @@ -553,7 +553,7 @@ int prison_ip(struct proc *p, int flag, u_int32_t *ip) { <para>Jailed users are not allowed to bind services to an ip which does not belong to the jail. The restriction is also - written within the function in_pcbbind :</para> + written within the function <literal>in_pcbbind</literal>:</para> <programlisting><filename>/usr/src/sys/net inet/in_pcb.c</filename> if (nam) { diff --git a/en_US.ISO8859-1/books/developers-handbook/jail/chapter.sgml b/en_US.ISO8859-1/books/developers-handbook/jail/chapter.sgml index d9647953f1..df99e3e2a4 100644 --- a/en_US.ISO8859-1/books/developers-handbook/jail/chapter.sgml +++ b/en_US.ISO8859-1/books/developers-handbook/jail/chapter.sgml @@ -24,13 +24,13 @@ damage caused by an attacker. Specifically, one of these functions is called secure levels. Similarly, another function which is present from FreeBSD 4.0 and onward, is a utility called - &man.jail.8;. <application> - <application>jail</application></application> chroots an + &man.jail.8;. <application>Jail</application> chroots an environment and sets certain restrictions on processes which are forked from within. For example, a jailed process cannot affect processes outside of the jail, utilize certain system calls, or - inflict any damage on the main computer. - <application>Jail</application> is becoming the new security + inflict any damage on the main computer.</para> + + <para><application>Jail</application> is becoming the new security model. People are running potentially vulnerable servers such as Apache, BIND, and sendmail within jails, so that if an attacker gains root within the <application>Jail</application>, it is only @@ -553,7 +553,7 @@ int prison_ip(struct proc *p, int flag, u_int32_t *ip) { <para>Jailed users are not allowed to bind services to an ip which does not belong to the jail. The restriction is also - written within the function in_pcbbind :</para> + written within the function <literal>in_pcbbind</literal>:</para> <programlisting><filename>/usr/src/sys/net inet/in_pcb.c</filename> if (nam) { |