
Re: Chrooted packages, where to put them?



Stephen Frost <sfrost@ns.snowman.net> writes:

> If a library is shared between two
> packages and it can be modified by someone in one of the chroot'ed
> environments, that could affect the other chroot'ed environments.

The library is writable by root only, and the daemon does not run as
root. Or else, it could break out of the jail already.

> The way I compiled bind, IIRC, was to statically compile it so
> as to not have it depend on any libraries. Now, this does take it up
> from 452k to 1.8M, so I can see the desire to avoid that.

If you really want to give each daemon its own c-library (and the
daemon consists of only one or two binaries), it is more space-saving
to link statically. This way you only get the objects you need, rather
than the whole library, and it is not PIC (which means: faster
and smaller on register-impaired archs like i386).

But as stated above, I don't think it gains you much.

-- 
Robbe


