Re: How security of chroot?
From: Nico Kadel-Garcia (nkadel_at_verizon.net)
Date: 06/30/03
- Next message: Richard E Silverman: "Re: SSH overhead."
- Previous message: jon: "Re: How security of chroot?"
- In reply to: Keith: "How security of chroot?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 30 Jun 2003 13:07:52 GMT
Keith wrote:
> Hi,
> I'm going to config chroot on my linux server (RHL8) in order to limit the
> user to their home directory. I got many information from some websites and
> some of them reminded that chroot also can be breaked. Thus, is it safe to
> setup chroot on my linux server since I would provide secure FTP services
> for some users?! And don't want them browse others directories on the
> server.
chroot can be broken like your front door can be bulldozed by a SWAT
team. It's still vastly, vastly better than working *without* a chroot,
and helps limit potential damage, especially because people tend to
share passwords or leave their SSH private keys in public NFS
directories and not use passwords with them "because they have a
firewall and trust their co-workers".
- Next message: Richard E Silverman: "Re: SSH overhead."
- Previous message: jon: "Re: How security of chroot?"
- In reply to: Keith: "How security of chroot?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
