Mailinglist Archive: opensuse-security (520 mails)

< Previous Next >
Re: [suse-security] chroot
  • From: Sebastian Krahmer <krahmer@xxxxxxx>
  • Date: Wed, 6 Dec 2000 15:57:51 +0100 (CET)
  • Message-id: <Pine.LNX.4.21.0012061556240.24986-100000@xxxxxxxxxxxxxx>
On Tue, 5 Dec 2000, Ralf Koch wrote:

> Hi.
>
> I've just a short question: Does anybody know how secure it is to
> chroot users in a small piece of my server tree?
>
> We want users to login via ssh and work on a webserver (test scripts
> etc.). They shouldn't see each other even they shouldn't know if they
> are on a real server or in a virtual space that seems and behave in
> most cases like a server. To point it out: Is there a possibility to
> break up the chrooted environment or is it safe to let them login ?
chrooted environments can be broken. Some techniques require
root priviledges , some not. It really depends
on the kernel. I'd use solar designers openwall patch.
Using this, you also can't see other users/processes.

regards,
Sebastian


< Previous Next >
References