On Fri, 5 Dec 2003 21:45:01 +0100 Florian Weimer <fw@deneb.enyo.de> wrote: > The privilege separation code invokes chroot(), too. > > Is there a "do not create any new file descriptors" process attribute > in grsecurity? If there is, OpenSSH should toggle instead of calling > chroot() to an empty directory, which is a poor replacement. Hello, Thanks for your explanation but i don't know how to do that with grsecurity. I am looking after this. I have done a chroot environment for ssh to log in for fetch, read and send mails with mutt, procmail, fetchmail and postfix. But i would like to know how i can integrate postfix to this chroot environment. Could you give me some advices about this ? Thanks for your help... Arnaud Fontaine ----- signature Arnaud Fontaine <dsdebian@free.fr> - http://www.andesi.org/ GnuPG Public Key available at http://www.andesi.org/gpg/dsdebian.asc Fingerprint: 22B6 B676 332E 23BC CA7D 174D 6D41 235A 23A2 500A ------ fortune "There are a billion people in China. And I want them to be able to pass notes to each other written in Perl. I want them to be able to write poetry in Perl. That is my vision of the Future. My chosen perspective." -- Larry Wall (Open Sources, 1999 O'Reilly and Associates)
Attachment:
pgp2gDV4dHqxX.pgp
Description: PGP signature