26 Jun
2004
26 Jun
'04
02:18
www.securityfocus.com/infocus/1786 explains how to secure Apache/PHP/MySQL by changing UID/GID and running in a CHROOT jail. However, surely doing this would prevent YaST Online Update from working?
Yast2 YOU will continue working if you don't hose the system that YOU works with. Therefore, the steps that create your chroot jails should be scripted so that you can update the jails in no time after an update. Keep in mind that you can't overwrite the binary files that are in use by a process. Move them away, then copy the new version in place. This could mean that the script needs some tricks... Thanks, Roman.