Re: goals for hardening Debian: ideas and help wanted
>
> chroot is not a security feature?
>
> As far I understand, chroots in Debian/Fedora aren't jails.
>
> Source:
> https://securityblog.redhat.com/2013/03/27/is-chroot-a-security-feature/
>
In deed a Linux chroot - environment is not a jail.
You could use sth. like grsecurity to harden Linux chroot environments;
or any MAC (Mandatory Access) system like SELinux.
You may also read a bit about the security of chroot at http://www.elstel.org/xchroot/ (the first two sections).
Reply to: