Samuel wrote: > I had completely forgotten about this submission being it is 5 years > old. The issue I had at the time was the desire to chroot various > programs. Some of the programs I was chroot'ing did not allow for > changing the user once chroot executed the program yet I was executing > chroot from a root user. The whole user that was running chroot'd was > setup in the jail type system for all paths. > > The idea was for chroot to shed being a root level program so that the > program it ran would be of a normal user and even further limit > potential attacks if there was a security issue with the chroot'd > program. Alot of security has improved since then and it may not be > needed but it was a way to limit a root program from being exploited and > then for the potential of the program to leave the chroot. In the end, > the change allowed for the same functionality you have as jail under > freebsd.
I realize this is very old but for the archive I wanted to mention that 'su' may also be used to good effect with chroot. # chroot /srv/chroot/newroot su newuser -c "command args here" Also the dchroot and schroot programs are good alternatives too. Bob -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
