Chrooting Apache

Wednesday, 2 June 2004, 11:18 AM EST

The chroot daemon allows you to run a program and have it see a given directory as the root (/) directory. This effectively locks the process into its very own filesystem ("chroot jail") isolated from the real / filesystem. In this article we will look at how to install the Apache Web server in such an environment.

Installing Apache in a chroot jail does not make Apache itself any more secure. Rather, it serves to restrict the access of Apache and its child processes to a small subset of the filesystem. The advantage in chrooting a process is not in preventing a breakin, but rather in containing a potential threat.

Before deciding whether you need to chroot your Web server you should consider the advantages and disadvantages of such a setup.

By Mike Peters at Linux.com

[ Read more ]

Related items




Spotlight

Most popular Android apps open users to MITM attacks

Posted on 21 August 2014.  |  An analysis of the 1,000 most popular free Android apps from the Google Play store has revealed a depressing fact: most of them sport an SSL/TLS vulnerability that can be misused for executing MITM attacks, and occasionally additional ones, as well.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Aug 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //