LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 11-16-2002, 06:05 AM   #1
markus1982
Senior Member
 
Registered: Aug 2002
Location: Stuttgart (Germany)
Distribution: Debian/GNU Linux
Posts: 1,467

Rep: Reputation: 46
chrooting daemons


I'm thinking of writing a more general how-to on chrooting daemons, what I think of including:

1. What is a chrooted daemon?
  • explanation (with directory tree comparison)
2. Why do I need that?
3. Explanation for the usage of
chroot
ps
ldd
lsof
strace
4. How do I chroot a daemon[list=a][*]- which daemons can be chrooted in general
- where is chrooting too much time-consulting compared to the benefits (sendmail for instance)[*]how to determine required files/libraries[*]creating the jail, copying required files/libraries, adjust permissions[/list=a]

5. attacking chrooted daemons
6. chrooting at the example of MySQL



Anybody has comments / suggestions on the content or anything else ?
 
Old 11-16-2002, 09:04 AM   #2
radnix
Member
 
Registered: Aug 2002
Location: Huntsville AL
Distribution: redhat 7.3
Posts: 48

Rep: Reputation: 15
Presently

Yea, I'd especially be interrested in what you come up with. I'm presently tackling daemon chrooting now, just started.

I'll try to add to your posts if I can, but my first attempts aren't working.

My first goal is to chroot SSH........

ANYWAY, any references, examples or links you might suggest will be appreciated !
 
Old 11-21-2002, 11:04 AM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,319
Blog Entries: 54

Rep: Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860Reputation: 2860
IMNSHO there's only three good docs on chrooting on the 'net. So of course it would be great if you can find the time to make it. As usual when I've got something usefull I'll try to add it.
Seems a good place to promote GRSecurity chroot features, busybox usage and rootjail a bit.

As for chrooting Ssh users, there's a patch floating around somewhere for OpenSSH 3.x.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
chrooting nucleocide Linux - Software 2 08-08-2005 04:30 PM
chrooting or jailing inetd or inetd started daemons ? MasterC Linux - Security 2 07-15-2003 05:28 PM
chrooting vsftpd kemu Linux - Security 4 05-06-2003 06:42 AM
chrooting mysql markus1982 Linux - Security 6 10-29-2002 09:22 AM
Problems chrooting :( rverlander Linux From Scratch 1 07-21-2002 06:44 AM


All times are GMT -5. The time now is 10:03 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration