In this 2014 blog post from an apparently anti-BSD blog, the author criticizes BSD jails for being poorly designed and therefore insecure.
The opening paragraph reads:
If you’re thinking of employing FreeBSD jails in your server environment or use them to run insecure applications, it will be good for you to reconsider those options. Jails are one some of the most vulnerable phony “security” features ever put forth by fraudsters. They have been found to be even more insecure then a basic unix chroot and worst they even make it easier to gain control of your kernel with certain types of attacks.
The article goes on to lambast jails for having a backdoor that was installed by a control-freak developer, excessive overhead, and so on.
Obviously the author is quite biased, in my opinion pathologically so. That said, is there merit to these claims? Are BSD jails an inadequate solution for securing applications on a web server?
Continue reading Are BSD jails a "huge security liability"?→