LinuxQuestions.org


bayprince 07-23-2011 12:33 PM

Chroot jail or Root jail
 
Is it 'chroot jail' or 'root jail'? How and when would you use such?

Thanks

SciFi-Bob 07-23-2011 06:00 PM

It is "chroot jail", and it means that the user is limited to a specific directory.
The user could even be root, but it would not make any sense, since root has access to everything, and easily could "break out" of the jail.

For example, if you want a user to be "bound" to a specific directory, you would "chroot" that user to the path.
All access to other folders will then be limited to the hard links inside that jail.
(Or soft links, if the specific software allows that)

The actual implementation depends on the software used, and the security differs between implementations.

The biggest problem people have when chrooting an application is that all links are relative to the chrooted jail.
So, if you are chrooted to "/home/user", links to e.g. "/var/lib/anything" will be seen as "/home/user/var/lib/anything".

Basically, that specific example could be solved with a hard link from "/var/lib/anything" to "/home/user/var/lib/anything", but as I said, there are many implementations of chroot.
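
Added example, not part of the original post: a Python simulation of how a path is resolved for a process chrooted to a directory, showing that ".." and absolute soft-link targets are re-rooted inside the jail while a hard link reaches the same file. The function names and the temp-directory tree are constructed for illustration; no real chroot call is made, so it runs without root.

```python
import os
import tempfile

MAX_SYMLINKS = 40  # Linux stops with ELOOP after 40 symlink hops


def resolve_in_jail(jail, path):
    """Host path that a process chrooted to `jail` reaches for `path` (simulation)."""
    jail = os.path.realpath(jail)
    todo = [p for p in path.split("/") if p not in ("", ".")]
    done, hops = [], 0  # components resolved so far, symlinks followed
    while todo:
        part = todo.pop(0)
        if part == "..":
            if done:
                done.pop()  # ".." at the jail root stays at the jail root
            continue
        candidate = os.path.join(jail, *done, part)
        if os.path.islink(candidate):
            hops += 1
            if hops > MAX_SYMLINKS:
                raise OSError("too many levels of symbolic links")
            target = os.readlink(candidate)
            if target.startswith("/"):
                done = []  # absolute target restarts at the jail root, not the host root
            todo = [p for p in target.split("/") if p not in ("", ".")] + todo
            continue
        done.append(part)
    return os.path.join(jail, *done)


def demo():
    """Constructed tree in a temp dir: one soft link and one hard link into the jail."""
    host = os.path.realpath(tempfile.mkdtemp())
    jail = os.path.join(host, "home", "user")
    os.makedirs(os.path.join(host, "var", "lib", "anything"))
    os.makedirs(jail)
    real = os.path.join(host, "var", "lib", "anything", "data.txt")
    with open(real, "w") as f:
        f.write("shared\n")
    os.symlink("/var/lib/anything/data.txt", os.path.join(jail, "soft"))
    os.link(real, os.path.join(jail, "hard"))  # same inode, new name inside the jail
    soft = resolve_in_jail(jail, "/soft")
    hard = resolve_in_jail(jail, "/hard")
    return jail, soft, os.path.exists(soft), os.path.samefile(hard, real)


if __name__ == "__main__":
    print(demo())
```

The soft link resolves to a path under the jail that does not exist, while the hard link opens the shared file.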

bayprince 07-25-2011 07:32 PM

Chroot
 
Thanks for your response and explanation.

sundialsvcs 07-25-2011 07:43 PM

The chroot command redefines what the current shell considers to be "the root directory." This makes it more difficult, but not impossible, for an application to see or to access files which do not live within the designated subtree of the "actual" file system.

Although the command is sometimes used to build a "jail," it has other useful purposes as well. If you need to run a program that, for whatever reason, needs to see its surrounding filesystem "in a certain way," this is a very easy and therefore very useful way to enable that program to run.


All times are GMT -5.