Running Tor service in the jail environment

Ian Lepore ian at freebsd.org
Tue Dec 11 19:12:55 UTC 2018


On Tue, 2018-12-11 at 19:58 +0100, Hubert Hauser wrote:
> Hello!
> > 
> > You should not be running ntpd inside a jail, it won't have the
> > priveleges to set the kernel clock anyway, only the ntpd running in
> > a
> > non-jailed environment can do that.
> How can I prevent running ntpd and lpd in the jail environment?
> 

Set the appropriate variables (ntpd_enable=NO, etc) in the /etc/rc.conf
for the jail.

-- Ian

> > 
> > I wouldn't use a jail for that. Take a look at this article I wrote
> > about how to use Tor in the manner you're looking for:
> > 
> > https://github.com/lattera/articles/blob/master/infosec/tor/2017-01
> > -14_torified_home/article.md
> It sounds like a good idea but weren't a better solution use an
> open-hardware device acting as Tor router with installed OpenBSD or
> HardenedBSD? Why wouldn't you use for it jail environment? I want to
> place Tor in the jail environment because I want to prevent system
> being
> compromised in case compromising Tor service.
> 
> Thank you in advance,
> Hubert.
> 
> 
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd
> .org"


More information about the freebsd-hackers mailing list