Capsicum project: Ideas needed
Pedro F. Giffuni
giffunip at tutopia.com
Fri Jul 8 16:10:39 UTC 2011
FWIW;
I would think ftpd, which may require an update too,
would be a classical candidate. Perhaps also telnetd.
I recall sendmail calls bin/sh for some things and there
is an option for a restricted shell (rsh), so supporting
a shell would help sendmail too.
And then some stuff like ipfw is never too security aware.
However for those of us not capsicum-aware it's difficult
to say if using jails would be better or more practical.
cheers,
Pedro.
More information about the freebsd-hackers
mailing list