Greets,
On Wed, 30 Oct 2002 at 01:07:31PM -0500, Sean McAvoy wrote:
> I was looking at configuring a few of my VPN/Firewall systems to send me
> daily backups of vital config files, and selected log files. I was
> wondering what would be the easiest method of accomplishing this? I was
> thinking s
On Wed, 2002-10-30 at 22:15, Sean McAvoy wrote:
> Yes it is true that it's making use of the systems libs, but they can't
> be touched by the process as it has been chrooted. In order for someone
> to overwrite those files, they would first have to break of the chroot.
> I'm not sure of the real s
Yes it is true that it's making use of the systems libs, but they can't
be touched by the process as it has been chrooted. In order for someone
to overwrite those files, they would first have to break of the chroot.
I'm not sure of the real security implications of using the system libs
are vs. us
On Wednesday, 30 October 2002, at 13:07:31 -0500,
Sean McAvoy wrote:
> I was looking at configuring a few of my VPN/Firewall systems to send me
> daily backups of vital config files, and selected log files. I was
> wondering what would be the easiest method of accomplishing this? I was
> thinking
On Wed, 2002-10-30 at 18:40, Sean McAvoy wrote:
> Hello,
> Bind has the built in ability to chroot itself (-t). then all that needs
> to be done is altering the bind init script(/etc/init.d/bind), which
> contains the OPTS variable. Add '-u [username] -t [chroot_dir]' into
> that variable and you s
On Wed, 2002-10-30 at 22:15, Sean McAvoy wrote:
> Yes it is true that it's making use of the systems libs, but they can't
> be touched by the process as it has been chrooted. In order for someone
> to overwrite those files, they would first have to break of the chroot.
> I'm not sure of the real s
On Wed, Oct 30, 2002 at 03:48:32PM +0100, [EMAIL PROTECTED] wrote:
> > or maybe is it possible to share a directory where .sock are located by
> > "bind" mounting in chroots.
> you yould perhaps use
> /proc//root/var/run/mysqld/mysqld.sock
/proc//root is just a symbolic link.
--
- mdz
Yes it is true that it's making use of the systems libs, but they can't
be touched by the process as it has been chrooted. In order for someone
to overwrite those files, they would first have to break of the chroot.
I'm not sure of the real security implications of using the system libs
are vs. us
On Wednesday, 30 October 2002, at 13:07:31 -0500,
Sean McAvoy wrote:
> I was looking at configuring a few of my VPN/Firewall systems to send me
> daily backups of vital config files, and selected log files. I was
> wondering what would be the easiest method of accomplishing this? I was
> thinking
On Wed, 2002-10-30 at 18:40, Sean McAvoy wrote:
> Hello,
> Bind has the built in ability to chroot itself (-t). then all that needs
> to be done is altering the bind init script(/etc/init.d/bind), which
> contains the OPTS variable. Add '-u [username] -t [chroot_dir]' into
> that variable and you s
On Wed, Oct 30, 2002 at 03:48:32PM +0100, [EMAIL PROTECTED] wrote:
> > or maybe is it possible to share a directory where .sock are located by
> > "bind" mounting in chroots.
> you yould perhaps use
> /proc//root/var/run/mysqld/mysqld.sock
/proc//root is just a symbolic link.
--
- mdz
--
To
How about setting up loghost server with syslog-ng ? You should send these logs
via stunnel (secure way), sort them, compress/gpg them :) Config files problem:
set up a Coda server (reliable and secure) on this loghost and write a script
to daily copy your config files.
Cheers,
Domonkos Czinke
Hello,
I was looking at configuring a few of my VPN/Firewall systems to send me
daily backups of vital config files, and selected log files. I was
wondering what would be the easiest method of accomplishing this? I was
thinking something along the lines of just tar/bzip and then gpg to
encrypt. Wha
Hello,
Bind has the built in ability to chroot itself (-t). then all that needs
to be done is altering the bind init script(/etc/init.d/bind), which
contains the OPTS variable. Add '-u [username] -t [chroot_dir]' into
that variable and you should be ok. I've done this with Bind 8, and now
upgraded
How about setting up loghost server with syslog-ng ? You should send these logs via
stunnel (secure way), sort them, compress/gpg them :) Config files problem: set up a
Coda server (reliable and secure) on this loghost and write a script to daily copy
your config files.
Cheers,
Domonkos Czinke
Hello,
I was looking at configuring a few of my VPN/Firewall systems to send me
daily backups of vital config files, and selected log files. I was
wondering what would be the easiest method of accomplishing this? I was
thinking something along the lines of just tar/bzip and then gpg to
encrypt. Wha
Hello,
Bind has the built in ability to chroot itself (-t). then all that needs
to be done is altering the bind init script(/etc/init.d/bind), which
contains the OPTS variable. Add '-u [username] -t [chroot_dir]' into
that variable and you should be ok. I've done this with Bind 8, and now
upgraded
Hi,
> or maybe is it possible to share a directory where .sock are located by
> "bind" mounting in chroots.
you yould perhaps use
/proc//root/var/run/mysqld/mysqld.sock
Regards,
weissi
Domonkos Czinke wrote:
Hi ppl :)
My question is related to a chrooted Apache(+php) and Mysql. They live
in two different chrooted environment and the problem is that I have
several php programs which wanna use the mysql, but they can't use it
since they can't find the mysql.sock file (because it
On Wed, Oct 30, 2002 at 03:24:06PM +0100, Domonkos Czinke wrote:
> Hi ppl :)
>
> My question is related to a chrooted Apache(+php) and Mysql. They live
> in two different chrooted environment and the problem is that I have
> several php programs which wanna use the mysql, but they can't use it
> s
Hi ppl :)
My question is related to a chrooted Apache(+php) and Mysql. They live
in two different chrooted environment and the problem is that I have
several php programs which wanna use the mysql, but they can't use it
since they can't find the mysql.sock file (because it in another
chroot), any
Hi,
> or maybe is it possible to share a directory where .sock are located by
> "bind" mounting in chroots.
you yould perhaps use
/proc//root/var/run/mysqld/mysqld.sock
Regards,
weissi
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECT
Domonkos Czinke wrote:
Hi ppl :)
My question is related to a chrooted Apache(+php) and Mysql. They live
in two different chrooted environment and the problem is that I have
several php programs which wanna use the mysql, but they can't use it
since they can't find the mysql.sock file (because it
On Wed, Oct 30, 2002 at 03:24:06PM +0100, Domonkos Czinke wrote:
> Hi ppl :)
>
> My question is related to a chrooted Apache(+php) and Mysql. They live
> in two different chrooted environment and the problem is that I have
> several php programs which wanna use the mysql, but they can't use it
> s
Hi ppl :)
My question is related to a chrooted Apache(+php) and Mysql. They live
in two different chrooted environment and the problem is that I have
several php programs which wanna use the mysql, but they can't use it
since they can't find the mysql.sock file (because it in another
chroot), any
Hi1
Please try not to wrap long lines in command output.
On Tuesday, 2002-10-29 at 23:35:42 +0100, J.J. van Gorkum wrote:
> Hi, I have a question about chrooting bind 8.3.3
> I have used the setup as described in
> http://people.debian.org/~pzn/howto/chroot-bind.sh.txt ... but when I
> then sta
Hi1
Please try not to wrap long lines in command output.
On Tuesday, 2002-10-29 at 23:35:42 +0100, J.J. van Gorkum wrote:
> Hi, I have a question about chrooting bind 8.3.3
> I have used the setup as described in
> http://people.debian.org/~pzn/howto/chroot-bind.sh.txt ... but when I
> then sta
En réponse à Phillip Hofmeister <[EMAIL PROTECTED]>:
> On Mon, 28 Oct 2002 at 11:18:23PM -0800, Brandon High wrote:
> > On Mon, Oct 28, 2002 at 07:38:38PM -0600, Hanasaki JiJi wrote:
> > > Too bad there is no way to do a secure handshake w/ an id/password
> or
> > > even SecureID cards.
> >
> >
28 matches
Mail list logo
