Educause Security Discussion mailing list archives
Re: Securing a public/open linux shell server
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Mon, 8 Jul 2013 14:24:26 -0400
On Mon, 08 Jul 2013 13:43:54 -0400, "Lisciotti, Kevin" said:
* Chroot users to home directory
Remember that all that stuff in /usr/bin and /usr/lib then has to also be visible under /home/userid/ or wherever their home directory is. Be prepared to do tons of bind mounts. chroot works a lot better when there's just the binary that's needed to run, and possibly a small, fixed set of shared libraries. Stuff like an FTP server works well in a chroot. Shell logins, not so much.
Attachment:
_bin
Description:
Current thread:
- Securing a public/open linux shell server Lisciotti, Kevin (Jul 08)
- Re: Securing a public/open linux shell server Jason Gates (Jul 08)
- Re: Securing a public/open linux shell server Valdis Kletnieks (Jul 08)
- Re: Securing a public/open linux shell server Harry Hoffman (Jul 08)
- Re: Securing a public/open linux shell server Will Froning (Jul 08)
- Re: Securing a public/open linux shell server Lisciotti, Kevin (Jul 08)
- Re: Securing a public/open linux shell server Will Froning (Jul 08)
- Re: Securing a public/open linux shell server Everett, Alex D (Jul 08)