[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[suse-security] Apparmor and chroot

Should we get rid of the old chroot jails and trust to apparmor?

They are both basically trying to avoid
 unforseen and unwanted access to the filesystem.

eg: The default profile for postfix fails because
 it doesn't bestow "chroot" privileges to smtpd.
Once bestowed, there are problems because
 the chrooted daemon wants to get to /default/some-file
 and doesn't know it's actually talking about /var/spool/postfix/default
Neither does apparmor  8^(

Is the best practise way to tell postfix NOT to chroot?

There are ways of breaking out of chroot jails aren't there?
Has apparmor been coded to secure the known techniques?
It's more versatile, is it more secure?
How much of a performance hit?

Thanks for any discussion of this,

PS: RTFM replies welcome; as long as they give links to the FM.

Michael James                         michael.james@xxxxxxxx
System Administrator                    voice:  02 6246 5040
CSIRO Bioinformatics Facility             fax:  02 6246 5166

No matter how much you pay for software,
 you always get less than you hoped.
Unless you pay nothing, then you get more.

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here