Chrooting daemons and system processes
The idea behind chroot is fairly simple. When you run BIND (or any other process) in a chroot jail, the process is simply unable to see any part of the filesystem outside the jail. For example, in this document, we'll set BIND up to run chrooted to the directory /chroot/named. Well, to BIND, the contents of this directory will appear to be /, the root directory. Nothing outside this directory will be accessible to it. You've probably encounted a chroot jail before, if you've ever ftped into a public system.
By Jonathan at Linux Exposed.
[ Read more ]
- Review: Essential System Administration Pocket Reference (5 January 2004)
- Review: HackNotes Linux and Unix Security Portable Reference (24 October 2003)
- Review: Linux Security Cookbook (29 September 2003)
- Review: Linux Server Hacks (10 September 2003)
- Review: Linux+ Certification Bible (3 September 2003)
- Review: Hacking Exposed Linux 2/e (8 May 2003)
- Review: Linux Administration Handbook (30 April 2003)
- Review: Linux System Security: The Administrator's Guide to Open Source Security Tools, 2/e (14 March 2003)
- Review: Real World Linux Security, 2/e (22 November 2002)
- Review: Linux System Administration - A User's Guide (18 August 2002)
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.