WebApp Sec mailing list archives

RE: Chroot jails

From: "Craig Wright" <cwright () bdosyd com au>
Date: Wed, 21 Sep 2005 05:55:05 +1000

Hi
 
Like everything - they have been broken at one time or another, patch issues as they arrise and this will cover most 
things. A Good implementation will help further.
 
People find overflows in code from time to time, we have to patch from time to time - this does not mean to not do 
this, just like everything else... vigilance is the key
 
Craig

        -----Original Message----- 
        From: JamesHorwath () glic com [mailto:JamesHorwath () glic com] 
        Sent: Wed 21/09/2005 3:29 AM 
        To: Steve.Cummings () barclayscapital com 
        Cc: pentest () securityfocus com; webappsec () securityfocus com 
        Subject: Re: Chroot jails
        
        
Steve,

Use mod_security by Ivan Ristic, you can setup a chroot jail painlessly in
minutes.  On the small implementations I used momd_security I didn't find
it any harder to manage.

Regards,
Jim

Jim Horwath
SANS Certified: GCUX, GCIH, GHTQ
Unix Admin


<Steve.Cummings () barclayscapital com> wrote on 09/20/2005 12:21:02 PM:

Hi All

Wondered if people could give me their opinions on chroot jails on
solaris and linux, am interested in both manageability but more
interested in whether anyone has broken out of one

Current thread:

Chroot jails Steve.Cummings (Sep 20)
- Re: Chroot jails JamesHorwath (Sep 20)
- Re: Chroot jails Antoine Martin (Sep 20)
  - Re: Chroot jails Ingo Struck (Sep 20)
    - Re: Chroot jails Antoine Martin (Sep 21)
- Re: Chroot jails Mamading Ceesay (Sep 20)
- Re: Chroot jails xyberpix (Sep 20)
- Re: Chroot jails Paul Wong (Sep 21)
- <Possible follow-ups>
- RE: Chroot jails Craig Wright (Sep 20)
- RE: Chroot jails Wall, Kevin (Sep 21)