|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: chroot useful?
Steven M. Bellovin (smb
research.att.com)
Thu, 13 Nov 1997 01:20:19 +0000
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Chris Brenton: "Re: Facts, not Fiction"
- Previous message: Paul McNabb: "Re: chroot useful?"
- Maybe in reply to: Claudio Telmon: "chroot useful?"
- Next in thread: C Matthew Curtin: "Re: chroot useful?"
- Reply: C Matthew Curtin: "Re: chroot useful?"
It is important to understand what chroot() is and what it isn't. It is
not a virtualization of the machine. Attempts to use it as such are
quite likely doomed. It is a mechanism to virtualize file name access;
at that, it does quite a good job, and has since shortly after the first
public release in 1979. (That version permitted chroot("..") out of the
subtree.)
Standard UNIX systems do not have a complete virtual environment. There
have been various attempts to add these on, with more or less success.
But it's an area where one should tread cautiously.
--Steve Bellovin
- Next message: Chris Brenton: "Re: Facts, not Fiction"
- Previous message: Paul McNabb: "Re: chroot useful?"
- Maybe in reply to: Claudio Telmon: "chroot useful?"
- Next in thread: C Matthew Curtin: "Re: chroot useful?"
- Reply: C Matthew Curtin: "Re: chroot useful?"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:09:48 CDT