Complete.Org: Mailing Lists: Archives: gopher: January 2002:
[gopher] Re: Security issues in Gopher?

[gopher] Re: Security issues in Gopher?

[Top] [All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]

To:	gopher@xxxxxxxxxxxx
Subject:	[gopher] Re: Security issues in Gopher?
From:	John Goerzen <jgoerzen@xxxxxxxxxxxx>
Date:	22 Jan 2002 10:00:07 -0500
Reply-to:	gopher@xxxxxxxxxxxx

Robert Hahn <rhahn@xxxxxxxxxxxxxx> writes:

> Interesting.  I manned chroot last night, which gave me a clear answer as to 
> what and how, but, as is typical with all man pages, lacks a 'why'. :P
> 
> So, can you explain what the significance of chroot* is and how it
> increases security?  Especially as it compares to running a server
> either as 'nobody' or (horrors) root?

It means that the files not under that directly are completely and
forever inaccessible* to that process and all of its children.  Even a
process running as nobody can read /etc/passwd.

So, run gopherd as nobody and put it chrooted, and you've got a
bombproof protection.

* Exceptions exist for the superuser.

[Prev in Thread]

Current Thread

[Next in Thread]

[gopher] Re: Security issues in Gopher?, Robert Hahn, 2002/01/22
- [gopher] Re: Security issues in Gopher?, Tristan Alexander McLeay, 2002/01/22
- [gopher] Re: Security issues in Gopher?, John Goerzen <=
- [gopher] Re: Security issues in Gopher?, Robert Hahn, 2002/01/22
  - [gopher] Re: Security issues in Gopher?, David Allen, 2002/01/22
  - [gopher] Re: Security issues in Gopher?, John Goerzen, 2002/01/22
- [gopher] Re: Security issues in Gopher?, Robert Hahn, 2002/01/23

Prev by Date: [gopher] Re: Security issues in Gopher?
Next by Date: [gopher] 200M 空间 + 国际域名 = 150元/年
Previous by thread: [gopher] Re: Security issues in Gopher?
Next by thread: [gopher] Re: Security issues in Gopher?
Index(es):
- Date
- Thread