Re: Best way to run X application inside chroot environment

From: Tim Haynes (usenet-20041030_at_stirfried.vegetable.org.uk)
Date: 10/30/04

Next message: Frank Jülich: "Trojans and Trojan-scanner"
Previous message: Huang, Daniel: "Re: public key access error"
In reply to: Jesús Ángel: "Best way to run X application inside chroot environment"
Next in thread: Hue-Bond: "Re: Best way to run X application inside chroot environment"
Reply: Hue-Bond: "Re: Best way to run X application inside chroot environment"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 30 Oct 2004 10:41:49 +0100

Jesús Ángel <jpozdom@ribera.tel.uva.es> writes:

[snip]
> aMule is a X application, it hasn't got a console interface :-( and I
> need a method to allow amule connect to the X server.
>
> Which of these are the better solution?
>
> 1. Config the X server to listen to TCP conections at port 6000 and set
> the DISPLAY=127.0.0.1 With xauth only the user with the correct magic
> cookie could connect to the xserver.

I'd go with this one, myself. The other two are too ugly to countenance.

> 2. Make a hard link inside the chroot to /tmp/.X11-unix/X0
> # ln /tmp/.X11-unix/X0 /chroot/.X11-unix/X0
> This is not posible if /tmp and /chroot reside in the same partition

Erm, YM if they *don't* reside in the same partition, it would be a
problem.

It's still subject to being rm'd etc.

> 3. Mount the tmp partition inside the chroot
> (inside the chroot) # mount /dev/hda3 /tmp

You should not rely on being able to mount anything within a chroot jail;
sensible people actively use the GRsecurity kernel patch precisely to
*disable* this possibility, on security grounds.

~Tim

-- 
   10:41:39 up 73 days, 18:19,  0 users,  load average: 0.00, 0.02, 0.00
piglet@stirfried.vegetable.org.uk |There's a shrine on the Assynt hillside
http://spodzone.org.uk/cesspit/   |Made of earth and salt and rain

application/pgp-signature attachment: stored

Next message: Frank Jülich: "Trojans and Trojan-scanner"
Previous message: Huang, Daniel: "Re: public key access error"
In reply to: Jesús Ángel: "Best way to run X application inside chroot environment"
Next in thread: Hue-Bond: "Re: Best way to run X application inside chroot environment"
Reply: Hue-Bond: "Re: Best way to run X application inside chroot environment"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: PAE-CE84 Router Failure
... >>> I found I was unable to gain access to the internal web ... >>> server to check the router's settings, ... I have easily accessed my *new* router using!FTPc, ...
(comp.sys.acorn.networking)
RE: Dovecot versus Postfix
... <SNIP> ... It says "Replace mail.example.com with your mail server ... configure the default gateway and Domain name server as well as the ... user accounts. ...
(Ubuntu)
Hows the serenity! (was Re: Processing Ideas Needed:)
... tasks being "stateless" and the ACMS transaction monitor maintaining a fully ... pre-authorized and statefull connection to the client. ... response, but if server and client were cooperating on a row-by-row basis, ... [snip, snip, snip, snap, snip snippety snip] ...
(comp.os.vms)
Brad Pelinis machine...
... with many different competing registrars. ... Whois Server: whois.godaddy.com ... Boynton Beach, Florida 33426 ...
(comp.sys.mac.advocacy)
Re: Windows update error 0x8007041D
... Sometimes this happens when the server is busy and you could retry later. ... If it continues and as NOD32 is not the case then check in the Event Viewer to ... Mila <snip> ... | After installing SP2 I went to "Windows Update" and it said I needed ...
(microsoft.public.windowsxp.help_and_support)