Secure Untrusted Applications with Chroot

Monday, 3 March 2003, 12:25 PM EST

"Security" is one of those "buzzwords du jour," and there seems to be as many approaches to security as there are opinions on Microsoft. However, unlike other hot topics (or "CEO hot buttons") that come and go, effort spent on security almost always pays off. Moreover, having a multitude of security techniques is a very good thing. There are umpteen ways to hack a system, and the savvy system administrator maintains a substantial and varied arsenal of countermeasures. Firewalls, honey pots, intrusion detection, and SSH are just a few tricks of the Linux security trade.

Application jails, also known as "change root jails" or "chroot jails," are another effective countermeasure. Supported by all Linux and Unix systems, application jails put up a nearly impenetrable barrier between the "jailed" software and the rest of the system. And because a jail is enforced by the operating system and not by an application, it can provide an enormous level of safety. A chroot jail "incarcerates" untrusted applications, and acts like a guard, almost literally, for applications that already have substantial security measures built-in.

This month, let's learn about jails. Let's throw an application into "solitary," and make it a model citizen.

[ Read more ]




Spotlight

Almost 1 in 10 Android apps are now malware

Posted on 28 July 2014.  |  Cheetah Mobile Threat Research Labs analyzed trends in mobile viruses for Q1 and Q2 of 2014. Pulling 24.4 million sample files they found that 2.2 million files had viruses. This is a 153% increase from the number of infected files in 2013.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Jul 28th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //