putting Apache into chroot()-prison

To: debian-user@lists.debian.org
Subject: putting Apache into chroot()-prison
From: "R. M. Lampert" <romulus@arcormail.de>
Date: Mon, 25 Dec 2000 20:46:41 +0100
Message-id: <[🔎] 20001225204641.A199@arcormail.de>

Hi, folks!

Due to some very unpleasant experience in the company
I'm working at (rootshell attack due to a buffer overflow
intrusion in httpd...)  there's a great need with us
to inform thoroughly about changing to a safer environment, 
that is LAMP  or even better NAMP (NetBSD, Apache ... there
are some very unpalatable truths in the world, indeed!).

Of topmost interest is building Apache and everything
that is associated with it (particularly MySQL, PHP, Perl) 
within a chroot() environment to lock intruders within 
this special ,,root directory``.  

Do you know any pointer to chroot()-information that includes
some kind of HOWTO rather than a list of advantages of this
approach?

Thanx in advance,


-- 

Matthias Lampert                       
                                   .^.         
Graal-Müritzer-Str. 1b ||          /V\           
22885 Barsbüttel       ||        /(   )\
Tel: (040) 670 89 445  ||         ^^-^^

Reply to:

Follow-Ups:
- Voodo3 3000
  - From: <presi@inwind.it>
- Re: putting Apache into chroot()-prison
  - From: Nate Amsden <aphro@portal.aphroland.org>

Prev by Date: Setting terminal defaults & shutdown (patato 2.2r0)
Next by Date: Re: Setting terminal defaults & shutdown (patato 2.2r0)
Previous by thread: Re: Setting terminal defaults & shutdown (patato 2.2r0)
Next by thread: Voodo3 3000
Index(es):
- Date
- Thread