LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > *BSD
User Name
Password
*BSD This forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.

Notices

Reply
 
Search this Thread
Old 09-05-2003, 01:25 PM   #1
Hoops66
Member
 
Registered: Jun 2003
Distribution: Red Hat/ Win 2k Pro/Fedora Core2/Suse 9.1 Pro
Posts: 44

Rep: Reputation: 15
Jail?


What is up with the jail. I read the man pages, so all it is, is a safe, locked down portation of your disk space. where nothing can go in or out, without your ok?
 
Old 09-11-2003, 07:45 AM   #2
nullpt
Member
 
Registered: Jul 2003
Distribution: Red Hat
Posts: 94

Rep: Reputation: 15
A jail it's an enviroment completely apart of the whole system.

It imprisons the process and it's descendants.

Now you have vary options to run a jail...

You can run it with a non-privileged user, in new root enviroment, in a single ip with a jail hostname.
And finaly the daemon/command you wish to execute.
All of the childs of whatever you run will be imprisoned in the jail and there wont be any comunication with the outside.

With chroot, there are ways to escape because there is interaction with the outworld. But a very well configurated chroot will be enough.

I advise you strongly to read the man pages related to the jail, because its a very good freebsd resource that others systems would give anything to have it. (Under developement in Linux)

A perfect jail could contain a whole FreeBSD world inside of it...
Now imagine what you can do with a jail, securing your system will be an easy thing if you run everything in jails/chroots.

securityfocus.com has very intersting articles related to daemon chrooting.

There is this 3 article document, that consists in chrooting Apache+PHP+Mysql, and It works GREAT.
I use it in all my systems!

http://www.securityfocus.com/infocus/1694
http://www.securityfocus.com/infocus/1706
http://www.securityfocus.com/infocus/1726

Stay well!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Chroot jail pachanga Linux - General 12 09-26-2008 06:15 AM
Jail and chroot rogk Linux - Security 2 10-16-2005 03:20 AM
chroot jail etc. f1uke Linux - Security 5 08-24-2005 04:12 AM
IMAP Jail FinnNetworks Linux - Software 0 03-08-2004 03:08 PM
chroot jail simon Linux - Security 3 08-05-2001 09:21 PM


All times are GMT -5. The time now is 08:55 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration