> From currently trying to secure a box from the unknown hordes of evil
> doers, even a non-privileged user, possibly even chrooted could have
> more access to the local ports than the UML system (which can be
> firewalled against). Admitedly I do have a lot left to learn.
The best reference I have right now is a talk I gave at Dartmouth on UML
security. The whole thing is at
My current thinking on setting up a chroot jail starts at