Re: chroot & mount --bind = security ?
From: link (link_at_twistedslinky.org)
Date: 04/06/04
- Previous message: Julien Nury: "chroot & mount --bind = security ?"
- In reply to: Julien Nury: "chroot & mount --bind = security ?"
- Next in thread: Asbjørn Sannes: "Re: chroot & mount --bind = security ?"
- Reply: Asbjørn Sannes: "Re: chroot & mount --bind = security ?"
- Reply: Marius Huse Jacobsen: "Re[2]: chroot & mount --bind = security ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 6 Apr 2004 14:28:01 -0400 To: focus-linux@securityfocus.com
> I would like to do like this :
>
> - A folder /var/www witch contains my html documents
> - mount --bind /var/www /chroot/httpd/var/www to allow the web server to access them
> - mount --bind /var/www /chroot/ftpd/var/www to allow the ftp server to update them
>
> And now ... questions :
>
> - does it working ?
> - is there a security problem with it ?
> - is there another method (more secure/simple) to do this ?
>
> Thanks for your read, have a nice day.
>
> Julien Nury
This is how I do it for my chroot'd ftp server, since 'ln -s' obviously
won't work. I don't see any security issues (other than the regular fs
perms). One note, mouting --bind,ro doesn't seem to actually mount
read-only. If anyone has any ideas why, I've always been curious.
Ryan
-- I have often wondered if the majority of mankind ever pause to reflect upon the occasionally titanic significance of dreams, and of the obscure world to which they belong. -- H.P. Lovecraft
- Previous message: Julien Nury: "chroot & mount --bind = security ?"
- In reply to: Julien Nury: "chroot & mount --bind = security ?"
- Next in thread: Asbjørn Sannes: "Re: chroot & mount --bind = security ?"
- Reply: Asbjørn Sannes: "Re: chroot & mount --bind = security ?"
- Reply: Marius Huse Jacobsen: "Re[2]: chroot & mount --bind = security ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
