[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] Chrooted services
* Philippe Vogel; <filiaap@xxxxxxxxxx> on 13 Dec, 2003 wrote:
This short description sounds nice, but I can't see how to do it.
Is there a longer version available?
Wish it were somehere that I knew; then all I would do was to follow the
For example it would be nice to chroot the flexlm licensserver.
Anybody done this before with compardment?
The steps are clear, but what's been to do step by step?
When I have a better picture I will put everything online and will
announce the link. However my first intention is to get things running.
So I raised the question earlier and accepted the fact that I was
getting lazier :-)
As from dhcpd I know you have to change something in Servicefile to activate
the chroot (with 8.1 it was the case until 8.2 supports it now).
With this option the /etc/init.d/<SERVICE-script> copies service xy into a
chroot jail (e.g. /var/chroot/SERVICE) and copies dummy devices into it so
service xy can access syslog, /etc/SERVICE, linked binaries and libs.
What are the options for compardment?
There are plenty and I have headache after reading them :-) I will
start asking the question about the capabilities later
The problem with this thread is, there isn't really much been said about it
in the man or howto (same was with samba-vscan, but I found some useful
links after investigating a littlebit).
I cannot find useful links to this thread.
Anybody got links or manuals for this?
Should have one manual up soon but I will protect it with .htaccess and allow
access to those helping me :-)
Mfg. von Stuttgart
Unofficial SuSE FAQ Maintainer Please reply to the list;
http://susefaq.sf.net Please don't CC me.
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here