How security of chroot?

From: Keith (keithtin_at_yahoo.com.hk)
Date: 06/30/03 

Date: Mon, 30 Jun 2003 12:32:42 +0800

Hi,
I'm going to config chroot on my linux server (RHL8) in order to limit the
user to their home directory. I got many information from some websites and
some of them reminded that chroot also can be breaked. Thus, is it safe to
setup chroot on my linux server since I would provide secure FTP services
for some users?! And don't want them browse others directories on the
server.

Thanks,

Keith

Relevant Pages

  • Re: best chroot jail program?
    ... julia wrote: ... > I need to setup a linux server to have an FTP, frontpage extensions, ... > the users in a chroot jail, but I'm not sure which chroot program is ...
    (comp.os.linux.misc)
  • Re: How security of chroot?
    ... > I'm going to config chroot on my linux server in order to limit the ... > user to their home directory. ... > some of them reminded that chroot also can be breaked. ... share passwords or leave their SSH private keys in public NFS ...
    (comp.security.ssh)
  • Re: Giving limited access to remote FTP user via vsftpd
    ... I always chroot the user. ... chroot the user, then create symblink in the users home directory, to ... but is a wonderful feature if you use it right. ... get a custom view of FTP that can follow any path I let them into. ...
    (Fedora)
  • Re: Defining root directory for sftp-server logins
    ... a used cannot escape his home directory (e.g. get a ... listing of all users in /home). ... You need to implement chroot cages, ... This is not the chroot listed in OpenSSH's sshd_config ...
    (comp.security.ssh)
  • RE: CGI security on a shared web server
    ... Onderwerp: Re: CGI security on a shared web server ... You can also add chrooting the user into their home directory and the ... You also have to be careful with what you place within the chroot() environment ... to make sure that the user can't gain root privs as its relatively simple to ...
    (SecProg)