Useful article, however I'd like to read more about the advantages of jail and how it can be used. I can see what it's basic advantages are, if a user compromises something inside the jail it won't affect the real system. However, if there are services running inside the jail, I guess the attacker can do enough harm inside the jail; which will affect the services and the (sensitive) data they serve.
Also, is a jail inside a jail possible ? Chroot inside jail ? (My assumption so far is that it is possible).
