httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From SYBA <si...@jakilinux.org>
Subject [users@httpd] security: fully blown chroot environment vs chrootdir
Date Wed, 17 Nov 2010 00:14:40 GMT
Hello,

I was running apache for a number of years using fully blown chroot
environment, mostly on RHEL (using "chroot" binary as a base). Recently, I
have faced a requirement to wrap it up into rpm, which is not an easy task,
considering all up to date libs, dependencies, etc.

As chrootdir directive seems to appeared only in 2.2.9 (?), part of
mod_unixd, my question is how one could compare it to fully blown chroot
environment, looking at it from security point of view. Would that be the
same or are there any drawbacks on "chrootdir" side?

Also, I used to see information about mod_chroot, module, but this seem to
disappeared at some point. I believe this module is not maintained any more
for this purpose (at least google does not seem to know about it any more)?

All comments on this would be most appreciated.

Cheers.

S.

Mime
View raw message