Which services do you usually chroot()?
Submitted by Anonymous on Fri 21 Jul 2006
| FTP |
   17% | 96 votes |
| HTTP |
6% | 33 votes |
| DNS |
11% | 61 votes |
| FTP + DNS |
6% | 38 votes |
| HTTP + FTP |
4% | 25 votes |
| HTTP + DNS |
2% | 13 votes |
| All |
8% | 48 votes |
| None |
42% | 236 votes |
| Total 550 votes |
<<< Which version of PHP do you have actively installed?
what kind of storage do you use on servers? >>>
I clicked none but I chroot users who require scp access (instead of giving ftp access) so that users cannot login via a shell, and only copy files for webhosting etc.
[ Parent ]
Posted by Anonymous (82.70.xx.xx) on Sun 23 Jul 2006 at 11:19
Is anyone using Xen in the same manner as chroot has been used before for system seperation?
[ Parent ]
Posted by Steve (62.30.xx.xx) on Sun 23 Jul 2006 at 15:45
[ Send Message | View Steve's Scratchpad | View Weblogs ]
[ Send Message | View Steve's Scratchpad | View Weblogs ]
I experimented with this using it as a pbuilder-type system:
- create a new image with xen-create-image
- Do "buildy" things on it.
- Delete it
Overall it worked, but it was a bit clunky, and to be honest pbuilder alone would probably be sufficient.
[ Parent ]
Various of the applications I use have chrooting either built in, or as part of the standard config.
Probably not as secure as building a specific jail, but on the other hand for most folk good enough.
See also;
/etc/init.d/bind comments.
Postfix packages (Lamont J builds with a chroot despite comments by Wietse against such complexity).
Doing this stuff on top of the default is I think the wrong way, we should make Debian do it right, sometimes the mountain has to move.
Probably not as secure as building a specific jail, but on the other hand for most folk good enough.
See also;
/etc/init.d/bind comments.
Postfix packages (Lamont J builds with a chroot despite comments by Wietse against such complexity).
Doing this stuff on top of the default is I think the wrong way, we should make Debian do it right, sometimes the mountain has to move.
[ Parent ]