> Do you know if there is a way that chmod on / from within the jail could > be prevented easily without breaking something ? Maybe not failing but > falling though and return 0 for any operation with the sole argument of /. Enforcing 700 on the jail root? Whilst I was wrong on chmod 700 on (say) /usr/jails it is still the case that the root directory of the jail itself (/usr/jail/jailname) has to be 755 for non-root processeses within the jail to access the filesystem! cheers, Jamie _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"