chroot-ed httpd

• To: www-security@ns2.rutgers.edu
• Subject: chroot-ed httpd
• From: jerryb@howpubs.com (Jerry Busser)
• Date: Mon, 29 Apr 1996 12:48:48 -0500

All --

I'm running NCSA's HTTP daemon, and one of the security measures that they mention but neither support nor especially endorse is running httpd in a chroot-ed environment. My question to everyone is: Is it worth it? To date we do not run our httpd chroot-ed, but I am going to overhaul our Web server in the near future and I'm wondering whether I should consider restructuring the filesystem to make it more hospitable for the chroot-ed daemon.

What are everyone's thoughts about this? 

Jerry

• Re: chroot-ed httpd
• From: tauzell@math.umn.edu
• Re: chroot-ed httpd
• From: efrank@ncsa.uiuc.edu (Beth Frank)

• Previous: Re: Restrictions group without ask for the password
• Next: bugs
• Index(es):
  • Index
  • Thread