[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

chroot sockets (was: Introducing the hardening-wrapper package)

Hi,

On Tue, May 31, 2011 at 09:35:32AM +0200, Samuel Thibault wrote:

> You just need another partition, run debootstrap in it, and chroot
> into it. You'll need to firmlink servers/socket/{1,2} from the root to
> get named pipes and network sockets working.

Err... What's the use of sharing the pipe server between chroot and main
system?

For the network stack, it certainly does make sense to share the server
-- though in many situations it might be preferable to use an extra
pfinet instance too. (With different IP address of course...)

-antrik-
Reply to: