Re: chroot & mount --bind = security ?
From: Asbjørn Sannes (ace_at_sannes.org)
Date: 04/07/04
- Previous message: Thomas Knop: "Re: chroot & mount --bind = security ?"
- In reply to: link: "Re: chroot & mount --bind = security ?"
- Next in thread: Marius Huse Jacobsen: "Re[2]: chroot & mount --bind = security ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: focus-linux@securityfocus.com Date: Wed, 7 Apr 2004 19:52:35 +0200
On Tuesday 06 April 2004 20:28, link wrote:
> > I would like to do like this :
> >
> > - A folder /var/www witch contains my html documents
> > - mount --bind /var/www /chroot/httpd/var/www to allow the web server to
> > access them - mount --bind /var/www /chroot/ftpd/var/www to allow the ftp
> > server to update them
> This is how I do it for my chroot'd ftp server, since 'ln -s' obviously
> won't work. I don't see any security issues (other than the regular fs
> perms). One note, mouting --bind,ro doesn't seem to actually mount
> read-only. If anyone has any ideas why, I've always been curious.
Herbert Poetzl has a patch called Bind Mount Extentions (BME) available at
http://www.13thfloor.at/patches/ that does this. I hope it will be included
mainline someday (patch isn't more than 2 months old, check out the LKML for
more information).
-- -- Asbjørn Sannes ace@sannes.org www.sannes.org
- Previous message: Thomas Knop: "Re: chroot & mount --bind = security ?"
- In reply to: link: "Re: chroot & mount --bind = security ?"
- Next in thread: Marius Huse Jacobsen: "Re[2]: chroot & mount --bind = security ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
