Hmm, I think this doesn't work for me, I forgot that there will be too much memory and strong cpu needed :-( So, I'll need to find other way to more secure my box. I'll take a look at the grsecurity...
Thanks for now, I'll be back ;) Regards Michal Novotny 26. bøezna 2002 17:08:41, Russell Coker <[EMAIL PROTECTED]> pise: > On Tue, 26 Mar 2002 15:49, Michal Novotny wrote: >> It is possible to make virtual web hosting (apache) in chroot jail? > Yes. Just install complete copies of Debian in the chroot jails. >> There is a little problem with about 1500 domains/clients. >> How can I set it up (with perl/php/ssi/ssl/cgi/ftp/mysql etc.) ? >> I think it have to be all in the chrooted directory, so will it be >> apache/perl/mysql/libs for each domain? or could it be symlinked? > Symlinks do not work across chroot jails by definition. >> I do not imagine about 1500 chroots... > You would need to have a lot of memory and CPU power for that many chroot's. >> But I think if it can work then it will be so secure, isn't it? > If it has root access for ANYTHING and it uses a stock kernel then running it > chroot gives no extra protection. > If you want chroot to actually give you any significant security benefits > then you need a kernel patch such as grsecurity. > Let's leave debian-security out of this now and keep it on debian-isp. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
