[ previous ] [ Contents ] [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ A ] [ B ] [ C ] [ D ] [ E ] [ F ] [ G ] [ H ] [ next ]

Securing Debian Manual
Appendix H - Chroot environment for Apache


H.1 Introduction

The chroot utility is often used to jail a daemon in a restricted tree. You can use it to insulate services from one another, so that security issues in a software package do not jeoparize the whole server. When using the makejail script, setting up and updating the chrooted tree is much easier.


H.1.1 Licensing

This document is copyright 2002 Alexandre Ratti. It has been dual-licensed and released under the GPL version 2 (GNU Public License) the GNU-FDL 1.2 (GNU Free Documentation Licence) and is included in this manual with his explicit permission. (from the original document)


H.2 Installing the server

This procedure was tested on Debian GNU/Linux 3.0 (Woody) with makejail 0.0.4-1 (in Debian/testing).

The reason I like this is because setting up the jail is not very difficult and the server can be updated in just two lines:

      
     apt-get update && apt-get install apache
     makejail /etc/makejail/apache.py

H.3 See also

If you are looking for more information you can consider these sources of information in which the information presented is based:


[ previous ] [ Contents ] [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ A ] [ B ] [ C ] [ D ] [ E ] [ F ] [ G ] [ H ] [ next ]

Securing Debian Manual

2.99 18 April 2004Wed, 3 Mar 2004 09:18:54 +0100

Javier Fernández-Sanguino Peña jfs@computer.org