copsewood on Nostr: dziq I don't have current BSD experience, but in principle, jailing any process ...
dziq (nprofile…vga3)
I don't have current BSD experience, but in principle, jailing any process denies it access to dynamic resources present on parts of the filesystem you've denied it access to.
You may need to recompile/link to use statically linked binaries within the jail to fix that one.
Another issue may concern whether your jail tech restricts the networking API e.g. via local sockets or system calls.
I don't have current BSD experience, but in principle, jailing any process denies it access to dynamic resources present on parts of the filesystem you've denied it access to.
You may need to recompile/link to use statically linked binaries within the jail to fix that one.
Another issue may concern whether your jail tech restricts the networking API e.g. via local sockets or system calls.