FreeBSD jail system

GPTKB entity

Statements (51)
Predicate Object
gptkbp:instanceOf operating system security feature
gptkbp:allows multiple user-space instances
gptkbp:canBe multiple IP addresses
different network stacks
different user environments
gptkbp:canBeEphemeral yes
gptkbp:canBeManagedBy gptkb:ezjail
gptkb:iocage
bastille
gptkbp:canBeNested no
gptkbp:canBePersistent yes
gptkbp:commandLineTool gptkb:prison
jls
jail_attach
jailme
jexec
gptkbp:component jail(8)
gptkbp:configuration /etc/jail.conf
gptkbp:defaultShell /bin/sh
gptkbp:developedBy gptkb:FreeBSD_Project
gptkbp:documentation gptkb:FreeBSD_Handbook
man jail(8)
gptkbp:features gptkb:mandatory_access_control
https://www.w3.org/2000/01/rdf-schema#label FreeBSD jail system
gptkbp:introducedIn gptkb:FreeBSD_4.0
gptkbp:license gptkb:BSD_License
gptkbp:limitation network access
resource usage
process visibility
filesystem access
gptkbp:operatingSystem gptkb:FreeBSD
gptkbp:prohibits system calls
device access
root privileges
kernel modules
gptkbp:provides filesystem isolation
network isolation
process isolation
user environment isolation
gptkbp:releaseYear 2000
gptkbp:similarTo gptkb:Linux_containers
gptkb:Solaris_Zones
gptkbp:supports gptkb:IPv4
gptkb:IPv6
gptkbp:type OS-level virtualization
gptkbp:usedFor server consolidation
application sandboxing
security containment
gptkbp:website https://www.freebsd.org/doc/handbook/jails.html
gptkbp:bfsParent gptkb:Bjoern_Zeeb
gptkbp:bfsLayer 8