crtxcr/qsni
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

README.md spelling

Browse Source
This commit is contained in:
Albert S. 2018-01-02 17:06:09 +01:00
parent dee275c89e
commit 9ac5ca7560
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -11,7 +11,7 @@ Requirements
You need an iptables version that supports cgroup matching (e. g. You need an iptables version that supports cgroup matching (e. g.
version >= 1.6); version >= 1.6);
The following kernel config paramaters must be set: The following kernel config parameters must be set:
CONFIG_NETFILTER_XT_MATCH_CGROUP CONFIG_NETFILTER_XT_MATCH_CGROUP
CONFIG_NET_CLS_CGROUP CONFIG_NET_CLS_CGROUP
@ -61,7 +61,7 @@ Security discussion
-------------------- --------------------
This alone is not a satisfactory way to prevent misbehaving programs This alone is not a satisfactory way to prevent misbehaving programs
to contact destinations you don't want them to. While the restrictions to contact destinations you don't want them to. While the restrictions
also apply to the children of the launched progorams, at a minimum, file also apply to the children of the launched programs, at a minimum, file
system isolation is also necessary and perhaps IPC etc. system isolation is also necessary and perhaps IPC etc.
qsni however does not aim to be a complete "jailing/isolation" solution. qsni however does not aim to be a complete "jailing/isolation" solution.