security settings in suse vs openbsd
Hi, i install in server web and firewall suse linux professional or openbsd. I find in openbsd some security settings and security applications very useful that i don't find in suse 9.1: 1) Apache in chroot by default Is possible to have in suse the possibility to chroot apache with an option in /etc/sysconfig/apache2 like dhcp or named? Now to have apache2 in chroot i use modsecurity ( that i must compile in to the system). 2) Systrace A very useful application is systrace, with this application is possible to execute the services with the possibilty to control the system calls. Is possible to use it in suse linux? Best regards, Cristian Del Carlo
Am Mittwoch, 29. Dezember 2004 10:28 schrieb Cristian Del Carlo:
Hi, i install in server web and firewall suse linux professional or openbsd. I find in openbsd some security settings and security applications very useful that i don't find in suse 9.1: 1) Apache in chroot by default Is possible to have in suse the possibility to chroot apache with an option in /etc/sysconfig/apache2 like dhcp or named? Now to have apache2 in chroot i use modsecurity ( that i must compile in to the system). 2) Systrace A very useful application is systrace, with this application is possible to execute the services with the possibilty to control the system calls. Is possible to use it in suse linux? Best regards,
Cristian Del Carlo I guess systrace is called strace under suse, as far as i know.
--------------------from man strace-------------------- STRACE(1) NAME strace - trace system calls and signals ------------------------------------------------------------ I am using it frequently. -- Mit freundlichen Grüßen Markus Feilner -------------------------- Bitte beachten Sie unsere neuen Adressdaten! Vielen Dank. -------------------------- Feilner IT Linux & GIS Linux Solutions, Training, Seminare und Workshops - auch Inhouse Beraiterweg 4 93047 Regensburg fon +49 941 9465243 fax +49 941 9465244 mobil + +49 170 3027092 skype ID: mfeilner mail: mfeilner@feilner-it.net -- Mit freundlichen Grüßen Markus Feilner --------------------------- Bitte beachten Sie unsere neuen Adressdaten! Vielen Dank. --------------------------- Feilner IT Linux & GIS Linux Solutions, Training, Seminare und Workshops - auch Inhouse Beraiterweg 4 93047 Regensburg fon +49 941 9465243 fax +49 941 9465244 mobil + +49 170 3027092 mail mfeilner@feilner-it.net web http://www.feilner-it.net
On Dec 30, Markus Feilner <lists@feilner-it.net> wrote:
Am Mittwoch, 29. Dezember 2004 10:28 schrieb Cristian Del Carlo:
A very useful application is systrace, with this application is possible to execute the services with the possibilty to control the system calls. Is possible to use it in suse linux? Best regards,
Cristian Del Carlo
I guess systrace is called strace under suse, as far as i know.
No, strace is something different. Systrace can forbid applications to use specific system calls. See http://www.systrace.org/ Markus -- __________________ /"\ Markus Gaugusch \ / ASCII Ribbon Campaign markus(at)gaugusch.at X Against HTML Mail / \
participants (3)
-
Cristian Del Carlo -
Markus Feilner -
Markus Gaugusch