[Previous] [Next] [Index]
[Thread]
chroot-ed httpd
All --
I'm running NCSA's HTTP daemon, and one of the security measures that they mention but neither support nor especially endorse is running httpd in a chroot-ed environment. My question to everyone is: Is it worth it? To date we do not run our httpd chroot-ed, but I am going to overhaul our Web server in the near future and I'm wondering whether I should consider restructuring the filesystem to make it more hospitable for the chroot-ed daemon.
What are everyone's thoughts about this?
Jerry
Follow-Ups: