Is there any way to have an XServer in a jail that is locked down so that if there was an exploit say in X that would risk a whole system take over. How can I stop XServer from getting real system access? I have read previous discussions on this topic and they have all either been vague or silly answers like run VNC. I want to clarify as well this is for a secure desktop setup. I would also like to know good methods of connecting to it as a same system user would I pipe xserver jail to one of my tty consoles?
I would love to clarify this as jails seem so far to have the image of a non-text based interface security measure for stuff like services of Apache.
Any real specialist BSD Daemons/Security experts who could help educate me in this dark art would be appreciated.
I would love to clarify this as jails seem so far to have the image of a non-text based interface security measure for stuff like services of Apache.
Any real specialist BSD Daemons/Security experts who could help educate me in this dark art would be appreciated.