First page Back Continue Last page Summary Graphics

Jailing with UML


Continuing with other security-related applications of UML, we have jailing. This is the isolation from the host of things that aren't necessarily trusted.
This includes users who may be malicious or just incompetent, and may damage the host in some way.
It also includes services that may be exploitable. bind and sendmail are particularly popular services for UML jailing. As a bonus for jailing services, by default, UML is immune from standard stack smash attacks since it puts process stacks in a different location from where they are on the host.