Chroot jail or not
Stewart Stremler
bofh at stremler.net
Fri Nov 12 09:31:07 PST 2004
begin quoting Karl Cunningham as of Fri, Nov 12, 2004 at 07:37:21AM -0800:
[snip]
> I guess my question is: given the maturity of apache v2 and squirrelmail
> and the potential of them being compromised, is it worth the trouble? Any
> advice is appreciated.
>
> Thanks.
If you have the disk space, look into user-mode linux. Instead of
trying to figure out what library dependencies are (getting more and
more annoying in Linux), you just make a minimal distribution.
A chroot jail isn't proof against escape.
-Stewart "Nearly every application should run in a jail of some sort" Stremler
More information about the KPLUG-List
mailing list