You might want to take a look at either mod_security (libapache-mod-security, libapache2-mod-security) or mod_chroot (libapache-mod-chroot) for the actual chroot. As for files, I use makejail, but if you only need mod_php, then you probably don't need to make any changes. If you need perl or mod_perl, than it gets much more complicated. As always, check google and tldp.org if you need more info. Antonio Rodriguez wrote: > I will need to use uploading of pictures in a website, and it seems to > me that this was the window used by (who/what)ever entered. Do you > have any recommendations about security measures related to this? > May creating some chroot environment, and then "file > pic" and make a decision from there, who knows. Any pointers to this > will be greatly appreciated. -- -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GAT/CM$/CS>$/CC/IT$/M/S/O/U dpu s+:++ !a C++$>C+++$ UB+++>++++$L++++$*-- P+>++$ L+++(++++)$ E-(---) W+++>$ N(+) o? K- w--(---) O? M V? PS++@ PE-@ Y+@ PGP++(+++)>$ t? 5? X? R tv--(-) b++(+++)@ DI? D? G e->++++ h* r? z* ------END GEEK CODE BLOCK------ David Mandelberg webmaster@eth0.is-a-geek.org
Attachment:
signature.asc
Description: OpenPGP digital signature