The jail facility provides FreeBSD with a conceptually simple security partitioning mechanism, allowing the delegation of administrative rights within virtual machine partitions.

The implementation relies on restricting access within the jail environment to a well-defined subset of the overall host environment. This includes limiting interaction between processes, and access to files, network resources, and privileged operations. Administrative overhead is reduced by avoiding fine-grained access control mechanisms, and by maintaining a consistent administrative interface across partitions and the host

The jail facility has already seen widespread deployment, in particular as a vehicle for delivering "virtual private server" services.

The jail code is included in the base system as part of FreeBSD 4.0-RELEASE, and is fully documented in the jail(2) and jail(8) man pages.

Notes & References

- K. J. Biba, Integrity Considerations for Secure Computer Systems, USAF Electronic Systems Division, 1977.
- Dr. Marshall Kirk McKusick, private communication: "According to the SCCS logs, the chroot call was added by Bill Joy on March 18, 1982 approximately 1.5 years before 4.2BSD was released. That was well before we had ftp servers of any sort (ftp did not show up in the source tree until January 1983). My best guess as to its purpose was to allow Bill to chroot into the /4.2BSD build directory and build a system using only the files, include files, etc contained in that tree. That was the only use of chroot that I remember from the early days."
- David Petrou and John Milford, Proportional-Share Scheduling: Implementation and Evaluation in a Widely-Deployed Operating System, December 1997. http://www.cs.cmu.edu/~dpetrou/papers/freebsd_lottery_writeup98.ps
- Carl A. Waldspurger and William E. Weihl, Lottery Scheduling: Flexible Proportional-Share Resource Management, Proceedings of the First Symposium on Operating Systems Design and Implementation (OSDI '94), pages 1-11, Monterey, California, November 1994.
- Draft Standard for Information Technology -- Portable Operating System Interface (POSIX) -- Part 1: System Application Program Interface (API) -- Amendment: Protection, Audit and Control Interfaces [C Language], IEEE Std 1003.1e Draft 17, Editor Casey Schaufler.
- Historically other names have been used at times; Zilog, for instance, called the super-user account "zeus".
- One such niche product is the "UAS" system to maintain and audit RACF configurations on MVS systems.
- Quote from the User-Friendly cartoon by Illiad.