Re: How to emulate 'chroot /jail/ su httpd -c' ?

From: Måns Rullgård
Date: Thu Feb 26 2004 - 08:37:49 EST

Next message: Ben Collins: "Re: only ieee1394 from 2.4.20 works for me"
Previous message: Hayim Shaul: "Re: Latest AIO patchset"
In reply to: Tetsuo Handa: "Re: How to emulate 'chroot /jail/ su httpd -c' ?"
Next in thread: Tetsuo Handa: "Re: How to emulate 'chroot /jail/ su httpd -c' ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Tetsuo Handa <a5497108@xxxxxxxxxx> writes:

> Hello,
>
> Sorry for querying userland program in this list.
>
> I have the following line in /etc/rc.d/init.d/httpd
>
> daemon chroot /jail/ su httpd -c $httpd $OPTIONS
>
> This needs /bin/su after /usr/sbin/chroot, but I don't
> want to place /bin/su (and related files) in the jail.
> So, I want to do this with one program.

If you remove the suid bit from the su program in the chroot it should
be rather harmless.

--
Måns Rullgård
mru@xxxxxx

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ben Collins: "Re: only ieee1394 from 2.4.20 works for me"
Previous message: Hayim Shaul: "Re: Latest AIO patchset"
In reply to: Tetsuo Handa: "Re: How to emulate 'chroot /jail/ su httpd -c' ?"
Next in thread: Tetsuo Handa: "Re: How to emulate 'chroot /jail/ su httpd -c' ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]