[gopher] Re: Security issues in Gopher?
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
> > pretty sound to me (ie: user 'nobody' can't really do a whole lot of
> > damage) so I'm wondering what it would take for me to run gopherd as
> > nobody - and better still, why people are running it as root.
>
> You can not only run gopherd as nobody (see -u) but you can also run
> it chroot, which is more than you get with Apache even.
Interesting. I manned chroot last night, which gave me a clear answer as to
what and how, but, as is typical with all man pages, lacks a 'why'. :P
So, can you explain what the significance of chroot* is and how it increases
security? Especially as it compares to running a server either as 'nobody' or
(horrors) root?
* I don't know what your manpage says, but mine says that chroot simply changes
the location of the root home folder.
Or... point me to a resource that would do as well?
thx,
-rh
- [gopher] Re: Security issues in Gopher?,
Robert Hahn <=
|
|
