mod_chroot 0.5
Sponsored Links
mod_chroot 0.5 Ranking & Summary
File size:
0.015 MB
Platform:
Any Platform
License:
GPL (GNU General Public License)
Price:
Downloads:
1250
Date added:
2006-05-23
Publisher:
Marek Gutkowski
mod_chroot 0.5 description
You dont need to create a special directory hierarchy containing /dev, /lib, /etc...
Why chroot?
For security.
chroot(2) changes the root directory of a process to a directory other than "/". It means the process is locked inside a virtual filesystem root. If you configure your chroot jail properly, Apache and its child processes (think CGI scripts) wont be able to access anything except the jail.
A non-root process is not able to leave a chroot jail. Still its not wise to put device files, suid binaries or hardlinks inside the jail.
chroot - the hard way
There are many documents about running programs inside a chroot jail. Some daemons (tinydns, dnscache, vsftpd) support it out of the box. For others (like Apache) you need to carefully build a "virtual root", containing every file the program may need. This usually includes:
C library
various other libraries (libssl? libm? libmysqlclient?)
resolver configuration files (/etc/nsswitch.conf, /etc/resolv.conf)
user files (/etc/passwd, /etc/group)
separate directory for log files
additional modules needed by the program (for Apache: mod_php and other modules)
Creating this structure is great fun. Run the program, read the error message, copy the missing file, start over. Now think about upgrading - you have to keep your "virtual root" current - if there is a bug in libssl, you need to put a new version in two places. Scared enough? Read on.
Why chroot?
For security.
chroot(2) changes the root directory of a process to a directory other than "/". It means the process is locked inside a virtual filesystem root. If you configure your chroot jail properly, Apache and its child processes (think CGI scripts) wont be able to access anything except the jail.
A non-root process is not able to leave a chroot jail. Still its not wise to put device files, suid binaries or hardlinks inside the jail.
chroot - the hard way
There are many documents about running programs inside a chroot jail. Some daemons (tinydns, dnscache, vsftpd) support it out of the box. For others (like Apache) you need to carefully build a "virtual root", containing every file the program may need. This usually includes:
C library
various other libraries (libssl? libm? libmysqlclient?)
resolver configuration files (/etc/nsswitch.conf, /etc/resolv.conf)
user files (/etc/passwd, /etc/group)
separate directory for log files
additional modules needed by the program (for Apache: mod_php and other modules)
Creating this structure is great fun. Run the program, read the error message, copy the missing file, start over. Now think about upgrading - you have to keep your "virtual root" current - if there is a bug in libssl, you need to put a new version in two places. Scared enough? Read on.
mod_chroot 0.5 Screenshot
mod_chroot 0.5 Keywords
Bookmark mod_chroot 0.5
mod_chroot 0.5 Copyright
WareSeeker periodically updates pricing and software information of mod_chroot 0.5 full version from the publisher, so some information may be slightly out-of-date. You should confirm all information before relying on it. Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future development of mod_chroot 0.5 Edition. Download links are directly from our publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
Featured Software
Want to place your software product here?
Please contact us for consideration.
Contact WareSeeker.com
Related Information
Related Software
mod_vhost_dbi creates virtual hosts for Apache 2.0 completely dynamically. Free Download
mod_highlight provdes syntax highlighting as an Apache 2.0 Filter Module. Free Download
mod_jail makes running Apache 1.3 in a secure FreeBSD jail prison easy. Free Download
mod-vhost-ldap is an Apache 2.x module for storing and configuring virtual hosts from LDAP. Free Download
mod_auth_bsd is an Apache module that supports BSD Authentication on OpenBSD. Free Download
mod_limitipconn is an Apache module which allows web server administrators to limit the number of simultaneous downloads. Free Download
jHamachi project is a Linux GUI for the Hamachi VPN client. Free Download
mod_xslt2 is is an Apache 1.3.xx Module written in C. Free Download
Latest Software
Popular Software
Favourite Software
