Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Indeed. For clarification, FreeBSD jails are considered safe, since they add capabilities checks on top of the chroot. Chroot itself, on the other hand, is relatively easy to break out.

Not sure if you have ever used, but you might enjoy FreeBSD :) using jails is not at all that difficult. To be honest I find it easier to use jails than docker. Never used LXC so I don't know how it compares with regards to ease of use.




Thanks. I've used FreeBSD before, but have far more experience using Linux in production, I may have to give it another go some time for specific purposes like this.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: