9. Conclusion
The jail facility provides FreeBSD with a conceptually simple security
partitioning mechanism, allowing the delegation of administrative rights
within virtual machine partitions.

The implementation relies on restricting access within the jail
environment to a well-defined subset of the overall host environment.
This includes limiting interaction between processes, and limiting access
to files, network resources, and privileged operations. Administrative
overhead is reduced by avoiding fine-grained access control mechanisms,
and by maintaining a consistent administrative interface across
partitions and the host environment.

The jail facility has already seen widespread deployment, in particular
as a vehicle for delivering "virtual private server" services.

The jail code is included in the base system as part of FreeBSD
4.0-RELEASE, and is fully documented in the jail(2) and jail(8) man-pages.
Notes & References
- [BIBA] K. J. Biba, Integrity Considerations for Secure Computer Systems,
  USAF Electronic Systems Division, 1977.
- [CHROOT] Dr. Marshall Kirk McKusick, private communication:
  "According to the SCCS logs, the chroot call was added by Bill Joy
  on March 18, 1982, approximately 1.5 years before 4.2BSD was released.
  That was well before we had ftp servers of any sort (ftp did not
  show up in the source tree until January 1983). My best guess as
  to its purpose was to allow Bill to chroot into the /4.2BSD build
  directory and build a system using only the files, include files,
  etc. contained in that tree. That was the only use of chroot that
  I remember from the early days."
- [LOTTERY1] David Petrou and John Milford. Proportional-Share Scheduling:
  Implementation and Evaluation in a Widely-Deployed Operating System,
  December 1997.
  http://www.cs.cmu.edu/~dpetrou/papers/freebsd_lottery_writeup98.ps
  http://www.cs.cmu.edu/~dpetrou/code/freebsd_lottery_code.tar.gz
- [LOTTERY2] Carl A. Waldspurger and William E. Weihl. Lottery Scheduling:
  Flexible Proportional-Share Resource Management, Proceedings of the
  First Symposium on Operating Systems Design and Implementation
  (OSDI '94), pages 1-11, Monterey, California, November 1994.
  http://www.research.digital.com/SRC/personal/caw/papers.html
- [POSIX1e] Draft Standard for Information Technology --
  Portable Operating System Interface (POSIX) --
  Part 1: System Application Program Interface (API) -- Amendment:
  Protection, Audit and Control Interfaces [C Language],
  IEEE Std 1003.1e Draft 17, editor Casey Schaufler.
- [ROOT] Historically, other names have been used at times; Zilog, for
  instance, called the super-user account "zeus".
- [UAS] One such niche product is the "UAS" system to maintain and audit
  RACF configurations on MVS systems.
  http://www.entactinfo.com/products/uas/
- [UF] Quote from the User-Friendly cartoon by Illiad.
  http://www.userfriendly.org/cartoons/archives/98nov/19981111.html