LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page Best way to chroot jail this web script / daemon?
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 05-07-2014, 01:10 PM   #1
medicMe
LQ Newbie
 
Registered: Jun 2013
Posts: 5

Rep: Reputation: Disabled
Best way to chroot jail this web script / daemon?

I have to bind a service to a port less than 1024, and thus, the service must be run as root. (Flash Policy / File Security service.)

I've never setup a service like this before, let alone one that faces the public, so I'm paranoid about it running as root..

It's a PHP script, sending XML and payload of data from what I can tell. Nothing fancy, but Flash clients need it in place to authorize a direct socket connection to another process the server is running. (Note: that means it runs as a stand alone script, not by a php handler via Apache or the like.)

What would be the most sane way to manage this?

chroot jail? If so, how? (And would a compromised root process be able to break out of said jail?)

Any advice would be great.
Last edited by medicMe; 05-07-2014 at 01:12 PM.
 
Old 05-08-2014, 05:49 AM   #2
descendant_command
Senior Member
 
Registered: Mar 2012
Posts: 1,876

Rep: Reputation: 643Reputation: 643Reputation: 643Reputation: 643Reputation: 643Reputation: 643
Can you run it on an unpriveleged port and redirect traffic to it with an iptables rule?
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Chroot jail or Root jail bayprince Linux - Newbie 3 07-25-2011 07:43 PM
Chroot jail Gimpy Linux - Software 10 05-07-2010 01:30 PM
[SOLVED] chroot jail problem: 'empty' jail MatrixS_Master Linux - Security 4 03-27-2010 06:25 AM
LXer: Howto Setup a Lighttpd Chroot Jail Web Server under Debian Linux LXer Syndicated Linux News 0 05-06-2007 06:31 PM
chroot jail for the vsftpd daemon -not internal to program snowmedia Linux - Networking 2 06-30-2004 09:32 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 07:49 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration