Sandboxing¶
JetStream server can restrict user’s activity to a specific location in the file system, or sandbox. Sandboxes can be used to isolate users, or limit them to only specific resources.
Warning
Running JetStream without sandboxing set up will give users full file system access. File access permissions will be honored.
- Sandboxing can be setup to:
- Restrict all users to a specific resource (eg.
/storage) - Restrict users to a user-specific location (eg. user’s home directory)
- Give specific user access to a resource (eg. only
userAcan access/storage/data) - Give users a list of accessible resources (eg.
/storage/common-fles, and user’s home directory)
- Restrict all users to a specific resource (eg.
For more information about sandboxing, please refer to Sandboxing documentation.
See also