LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-17-2003, 05:16 AM   #1
markus1982
Senior Member
 
Registered: Aug 2002
Location: Stuttgart (Germany)
Distribution: Debian/GNU Linux
Posts: 1,467

Rep: Reputation: 46
FYI: general guide to chrooting


Chrooting something is - depending on the process you want to chroot - a basic up to advanced road. The steps require to chroot something involve:[list=1][*]create a seperate directory tree (empty)[*]copy the binary and the required libraries (you've used ldd to find those out) in the appropiate directory.[*]run the process non-chrooted and check the files it accesses (data files, devices, etc). use lsof and strace as your tools.[*]create the neccesary devices, data files[*]adjust configuration to reflect the chroot[*]attempt to run the process chrooted[*]put as strict as possible permissions on the chroot[*]modify startup scripts[*]test if all the required functionality of the proccess still works.[*]use aide to check the chroot once a day[/list=1]This is a pretty general and not really explained way. I want your comments on that basic part. I will advance this guide with more explanaitions as time passes by.

Later I will provide a example - MySQL 4.0.13 which is fairly easy to chroot IMHO!

Last edited by markus1982; 06-17-2003 at 05:21 AM.
 
Old 06-20-2003, 06:11 PM   #2
george441
LQ Newbie
 
Registered: Jun 2003
Posts: 2

Rep: Reputation: 0
Why dont you write a whole article with your best practice on chrooted enviroments for processes and user accounts.
 
Old 06-21-2003, 01:58 AM   #3
markus1982
Senior Member
 
Registered: Aug 2002
Location: Stuttgart (Germany)
Distribution: Debian/GNU Linux
Posts: 1,467

Original Poster
Rep: Reputation: 46
Well I'm waiting for comments on this base part before continuing writing.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
FYI: webproxy (squid) setup tutorial (incl. chrooting and authentification) markus1982 Linux - Networking 0 03-20-2004 09:18 PM
FYI: mysql setup tutorial inl. chrooting markus1982 Linux - Security 0 03-07-2004 10:53 AM
FYI: general paper about chrooting markus1982 Linux - Security 6 02-21-2004 01:41 PM
request for questions for a general guide to chrooting markus1982 Linux - Security 5 01-29-2004 05:54 AM
Good guide to Linux in general or red Hat 9 Autonom664 Linux - Newbie 2 01-17-2004 03:06 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:30 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration