[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Apache/PHP/MySQL secure configuration, & YaST updates



> 
> www.securityfocus.com/infocus/1786 explains how to secure
> Apache/PHP/MySQL by changing UID/GID and running in a
> CHROOT jail.  However, surely doing this would prevent YaST
> Online Update from working?
> 

Yast2 YOU will continue working if you don't hose the system that YOU 
works with. Therefore, the steps that create your chroot jails should be 
scripted so that you can update the jails in no time after an update.

Keep in mind that you can't overwrite the binary files that are in use by 
a process. Move them away, then copy the new version in place. This could 
mean that the script needs some tricks...


Thanks,
Roman.

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here