[gopher] Running buckd in a chroot jail?
I've got buckd successfully running in a chroot jail. This is the
relevant portion of my xinetd.conf file:

# added by Bucktooth install
service buckd
{
        type            = UNLISTED
        protocol        = tcp
        port            = 70
        flags           = REUSE
        socket_type     = stream
        wait            = no
        instances       = UNLIMITED
        user            = root
#       server          = /chroot/buckd/usr/local/bin/buckd
        server          = /usr/sbin/chroot
        server_args     = /chroot/buckd/ /usr/local/bin/buckd
}

The obvious problem here is that buckd is running as root (because
chroot must be invoked as root). From what I understand, it's still
possible to break out of a chroot jail as root. Is there a way for me
to set this up so buckd runs under a non-root user?
--Brian