> > But, damn it, we've established that CERN HTTPD *is* one of those programs
> > already. What's the point in building a jail when you lock the keys inside?
> That being the case, how are the keys 'inside'? The jailer controls the
> whole machine from the 'root-console', yes???
Names removed to protect the guilty:
Player 1: "I like CERN better than Apache, and it's more secure."
Player 2: "But CERN doesn't give up root privilege reliably."
Player 1: "That's OK, I run it chrooted."
Player 3: "But there's ways out of a chrooted jail if you're root."
Player 1: "So don't put buggy setuid programs in the jail."
Whereupon I point out that there's no need... CERN *is* one. "The keys are
already in the jail". Makes more sense now?