isolation of GO lang application (jail and chroot)

Aleksander Alekseev afiskon at
Mon Aug 15 19:43:30 UTC 2016

Hello, Sergei

There is a good chapter about jails in a handbook:

However in my opinion since your application is already "all in one"
executable which is written in safe high level language there is little
benefit of using jails in your case. Perhaps running it under a user
with appropriate permissions and quotas, plus setting up a firewall will
be good enough.

I believe jails are more for applications you don't really trust. For
instance if you are creating a shared web hosting or selling VDS'es.
For all this "running everything in a container and only one executable
per container" stupid rules we should be grateful to Docker and people
who sell it. Most of the time you don't need it since it's just doesn't
solve any problem.

Best regards,
Aleksander Alekseev

More information about the freebsd-questions mailing list