[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: nullfs status

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: nullfs status
From: Leroy van Engelen <leroy_(_at_)_cal024042_(_dot_)_student_(_dot_)_utwente_(_dot_)_nl>
Date: Sun, 06 Apr 2003 20:53:56 +0200

Chuck Yerkes wrote:

Quoting Leroy van Engelen (leroy_(_at_)_cal024042_(_dot_)_student_(_dot_)_utwente_(_dot_)_nl):
Loopback/nullfs:
I've found it crashes on unmount.

The same here.

Loopback file systems (what they were called in SunOS 3) can
also mitigate any protection you hope to gain from chroot.
Such that you might as well run "httpd -u" and not bother
believing yourself protected.

Does anyone know of a resource from which I can learn what is safe to do in a chroot environment, without losing the protection I gain from it? It would be a shame to try keeping Apache chroot'ed when all I end up doing is making it even more insecure than without the chroot.

The setup I was thinking of was having my data files (pictures etc) mounted read-only under www/ with the nullfs. Why could this break the chroot?

-Leroy

References:
- nullfs status
  - From: Leroy van Engelen
- Re: nullfs status
  - From: Chuck Yerkes

Prev by Date: Re: OpenBSD on simpletech CF harddisk or PCI Based CF readers.
Next by Date: -current testing with VMware
Previous by thread: Re: nullfs status
Next by thread: Re: nullfs status
Index(es):
- Date
- Thread

Visit your host, monkey.org