Sandboxing

[mal content]

On 09/11/06, Luke Crawford <lsc at prgmr.com> wrote:
> jail is the best sandbox FreeBSD has;  if that's to heavy, simply run it
> setuid to another user that doesn't have permission to anything- it's not
> as good of a sandbox, but it's lightweight.
>

Of course there is another problem with this approach: a different UID isn't
allowed to connect to :0.0 on the X server under the FreeBSD default
security settings for X.

MC