On Wed, Oct 30, 2002 at 11:43:28PM +0100, J.J. van Gorkum wrote:
>
> Maybe I'm too much an old school admin but 'they' allways told me to
> move all the libraries into the chroot environment (no symlinks
> watsoever) and even (if possible) move the whole chroot environment
> onto an special (read
On Wed, Oct 30, 2002 at 11:43:28PM +0100, J.J. van Gorkum wrote:
>
> Maybe I'm too much an old school admin but 'they' allways told me to
> move all the libraries into the chroot environment (no symlinks
> watsoever) and even (if possible) move the whole chroot environment
> onto an special (read
On Wed, 2002-10-30 at 22:15, Sean McAvoy wrote:
> Yes it is true that it's making use of the systems libs, but they can't
> be touched by the process as it has been chrooted. In order for someone
> to overwrite those files, they would first have to break of the chroot.
> I'm not sure of the real s
Yes it is true that it's making use of the systems libs, but they can't
be touched by the process as it has been chrooted. In order for someone
to overwrite those files, they would first have to break of the chroot.
I'm not sure of the real security implications of using the system libs
are vs. us
On Wed, 2002-10-30 at 18:40, Sean McAvoy wrote:
> Hello,
> Bind has the built in ability to chroot itself (-t). then all that needs
> to be done is altering the bind init script(/etc/init.d/bind), which
> contains the OPTS variable. Add '-u [username] -t [chroot_dir]' into
> that variable and you s
On Wed, 2002-10-30 at 22:15, Sean McAvoy wrote:
> Yes it is true that it's making use of the systems libs, but they can't
> be touched by the process as it has been chrooted. In order for someone
> to overwrite those files, they would first have to break of the chroot.
> I'm not sure of the real s
Yes it is true that it's making use of the systems libs, but they can't
be touched by the process as it has been chrooted. In order for someone
to overwrite those files, they would first have to break of the chroot.
I'm not sure of the real security implications of using the system libs
are vs. us
On Wed, 2002-10-30 at 18:40, Sean McAvoy wrote:
> Hello,
> Bind has the built in ability to chroot itself (-t). then all that needs
> to be done is altering the bind init script(/etc/init.d/bind), which
> contains the OPTS variable. Add '-u [username] -t [chroot_dir]' into
> that variable and you s
Hello,
Bind has the built in ability to chroot itself (-t). then all that needs
to be done is altering the bind init script(/etc/init.d/bind), which
contains the OPTS variable. Add '-u [username] -t [chroot_dir]' into
that variable and you should be ok. I've done this with Bind 8, and now
upgraded
Hello,
Bind has the built in ability to chroot itself (-t). then all that needs
to be done is altering the bind init script(/etc/init.d/bind), which
contains the OPTS variable. Add '-u [username] -t [chroot_dir]' into
that variable and you should be ok. I've done this with Bind 8, and now
upgraded
Hi1
Please try not to wrap long lines in command output.
On Tuesday, 2002-10-29 at 23:35:42 +0100, J.J. van Gorkum wrote:
> Hi, I have a question about chrooting bind 8.3.3
> I have used the setup as described in
> http://people.debian.org/~pzn/howto/chroot-bind.sh.txt ... but when I
> then sta
Hi1
Please try not to wrap long lines in command output.
On Tuesday, 2002-10-29 at 23:35:42 +0100, J.J. van Gorkum wrote:
> Hi, I have a question about chrooting bind 8.3.3
> I have used the setup as described in
> http://people.debian.org/~pzn/howto/chroot-bind.sh.txt ... but when I
> then sta
Hi, I have a question about chrooting bind 8.3.3
I have used the setup as described in
http://people.debian.org/~pzn/howto/chroot-bind.sh.txt ... but when I
then start bind evrything looks right but when I do a lsof -p I see:
command to start bind:
start-stop-daemon --start --quiet --exec /usr
Hi, I have a question about chrooting bind 8.3.3
I have used the setup as described in
http://people.debian.org/~pzn/howto/chroot-bind.sh.txt ... but when I
then start bind evrything looks right but when I do a lsof -p I see:
command to start bind:
start-stop-daemon --start --quiet --exec /usr
14 matches
Mail list logo
