[Cialug] Locking your keys in the car

Chris Freeman cwfreeman at gmail.com
Thu Nov 29 00:20:43 CST 2007


On Nov 28, 2007 5:15 PM, Josh More <morej at alliancetechnologies.net> wrote:

> that jail.  For systems that don't work this, look into use chroot to
> jail specific dangerous daemons.
>
>
Perhaps our resident security experts can clear up something for me. Alan
Cox says (http://kerneltrap.org/Linux/Abusing_chroot):

chroot is not and never has been a security tool. People have built
things based upon the properties of chroot but extended (BSD jails, Linux
vserver) but they are quite different.


So, is chroot a valid tool to use to jail dangerous daemons? It would
seem that the kernel folks say no. But that's the only context I've
heard anyone talk about chroot in.

Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cialug.org/pipermail/cialug/attachments/20071129/760cdd7c/attachment.html


More information about the Cialug mailing list