Security Basics mailing list archives
RE: To chroot or not to chroot?
From: "Jeroen van Meeuwen" <kanarip () pczone-clan nl>
Date: Thu, 24 Nov 2005 21:32:16 +0100
Martin, You could consider setting up a restrictive SELinux environment. Kind regards, Jeroen van Meeuwen -- kanarip
-----Original Message----- From: Martín Villalba [mailto:famafcs () gmail com] Sent: Wednesday, November 23, 2005 19:58 To: security-basics () securityfocus com Subject: To chroot or not to chroot? Hi, list! Maybe you can help me with this: I'm about to install a webserver, which should have an http server, webmail, php support, dns, ftp, remote login and a couple more things. Obviously, with all those ports open, I must take every security measure I know (and some I don't). But here comes my doubt: should I jail the webserver with chroot? My first thought was "Duh, yes!", but thinking about it, having all those services running at the same time, do I really make any difference? It seems to me that in such environment a cracker (no, i'm not writing "hacker") could do anything he (maybe she?) wants... Ideas? Suggestions? Donations (cash, please)? C-you Martín
Current thread:
- To chroot or not to chroot? Martín Villalba (Nov 24)
- RE: To chroot or not to chroot? Jeroen van Meeuwen (Nov 24)
- Re: To chroot or not to chroot? Josh Tolley (Nov 25)
- Re: To chroot or not to chroot? darren kirby (Nov 25)