
What's the difference between a Linux chroot jail and a FreeBSD jail?

What's the difference between a Linux chroot jail and a FreeBSD jail? Are they synonyms in modern systems? Is one more secure than the other? Is one more flexible?

Actually, they have almost nothing in common.

A Linux "chroot environment" is just what / resolves to for a single process. Anything the process can do with access to that tree, it can do. So in general it can (e.g.) enumerate other processes on the system, and if it is a "root" process, it can still take over the machine.

A FreeBSD jail, on the other hand, is more like a virtual machine than a Linux chroot jail. It is a partition of the system with its own file system, user accounts, etc. The root user inside the jail only has administrative access to other objects in the jail; it cannot access anything outside of its jail.

I will not respond to the "more secure" or "more flexible" questions since those are weasel words. The mechanisms are just completely different by design, that's all.

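Notice: the technical posts on this site follow the CC BY-SA 4.0 license. If you need to reproduce them, please cite this site's URL or the original address. For any questions, contact: yoyou2525@163.com.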

 
© 2020-2024 STACKOOM.COM