Complete.Org: Mailing Lists: Archives: gopher: May 2009:
[gopher] Running buckd in a chroot jail?

To: gopher@xxxxxxxxxxxx
Subject: [gopher] Running buckd in a chroot jail?
From: Brian Koontz <brian@xxxxxxxxxxxxx>
Date: Sat, 9 May 2009 20:05:03 -0500
Reply-to: gopher@xxxxxxxxxxxx

I've got buckd successfully running in a chroot jail.  This is the
relevant portion of my xinetd.conf file:

# added by Bucktooth install
service buckd
{
        type                    = UNLISTED
        protocol                = tcp
        port                    = 70
        flags                   = REUSE
        socket_type             = stream
        wait                    = no
        instances               = UNLIMITED
        user                    = root
#        server                  = /chroot/buckd/usr/local/bin/buckd
        server                  = /usr/sbin/chroot
        server_args             = /chroot/buckd/ /usr/local/bin/buckd

}

The obvious problem here is that buckd is running as root (because
chroot must be invoked as root).  From what I understand, it's still
possible to break out of a chroot jail as root.  Is there a way for me
to set this up so buckd runs under a non-root user?

  --Brian
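
One way to get what the post asks for, as an added example that is not part of the original message or of Bucktooth: a small C wrapper that xinetd starts as root in place of /usr/sbin/chroot, which enters the jail and then permanently switches to an unprivileged account before executing buckd. The name jailexec, its argument order and the existence of a dedicated account for buckd are assumptions.

```c
/* jailexec.c: hypothetical wrapper, added example (not part of Bucktooth).
 * Usage: jailexec <jail-dir> <user> <program-inside-jail> [args...] */
#define _DEFAULT_SOURCE
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Enter the jail, then give up root for good. Returns 0 on success, -1 on
 * any failure; the caller must not exec anything if this fails. */
int jail_and_drop(const char *root, uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0)
        return -1;                      /* refuse to "drop" to root */
    if (chdir(root) != 0)               /* cwd must end up inside the jail */
        return -1;
    if (chroot(".") != 0)               /* this step is why we start as root */
        return -1;
    if (setgroups(1, &gid) != 0)        /* clear root's supplementary groups */
        return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0)   /* group first, then user */
        return -1;
    if (setuid(0) == 0)                 /* root must not be recoverable */
        return -1;
    return 0;
}

int main(int argc, char **argv)
{
    if (argc < 4) {
        fprintf(stderr, "usage: %s jail user program [args...]\n", argv[0]);
        return 2;
    }
    /* Look the account up before chroot: the jail need not hold /etc/passwd. */
    struct passwd *pw = getpwnam(argv[2]);
    if (pw == NULL) {
        fprintf(stderr, "unknown user %s\n", argv[2]);
        return 1;
    }
    if (jail_and_drop(argv[1], pw->pw_uid, pw->pw_gid) != 0) {
        fprintf(stderr, "jail setup failed, not starting %s\n", argv[3]);
        return 1;
    }
    execv(argv[3], &argv[3]);           /* path is resolved inside the new root */
    perror("execv");
    return 1;
}
```

In the xinetd entry above, server would then point at the installed wrapper and server_args would carry /chroot/buckd/, the account name and /usr/local/bin/buckd, with user left as root so the chroot call can succeed.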


