Jan 16, 2021, 01:51 AM


MyKidsDiary.in :: Capture your kids magical moment and create your Online Private Diary for your kids

Running Apache in Jail

Started by sukishan, Aug 23, 2009, 12:27 AM

previous topic - next topic
Go Down


Running Apache in Jail
Many system administrators hesitate to carry out Chroot jails. Indeed, this can be a formidable task, particularly if you also have to jail a database and several scripting languages. Mobily explains the task in his book, including the details of getting Perl and PHP to work with Apache in jail.

Chroot jails create a quasi-root sector on a server, so, if they're compromised, the compromising attacker is exclusively jailed within a subset of directories and not the true root file system. This is due to the program's inclusion of a command shell, "believing '/', which refers to that particular sector of the file system -- not the true server root.

The challenge lies in getting all of the required library files in place in the jail, which is necessary even to run a simple bash shell. Mobily makes the process less painful with his coverage here.

"You may think it's weird to have a server where most of the files are in a 'cage'," Mobily commented. "People might wonder: what difference does it make? Why bother with the cage at all? Well, the point is that even though all the information in the cage may be compromised, you can still be fairly sure that the server itself hasn't been modified, doesn't contain a nasty root kit, and so on (not through Apache anyway)."

"If you realize that you were cracked, you can simply explode a tar file from backup (possibly a very big one!) with the content of the whole chroot jail (of course, you'd be creating a daily copy of this file), and then analyze your log files to find out who made the attack and how. The equivalent, at server level, is a complete reinstallation -- which is a much more painful and time-consuming process!"
A good beginning makes a good ending

Go Up

Quick Reply

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Warning: this topic has not been posted in for at least 120 days.
Unless you're sure you want to reply, please consider starting a new topic.

Note: this post will not display until it's been approved by a moderator.
Please leave this box empty:

Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:

shortcuts: alt+s submit/post or alt+p preview
IT Acumens Web Designing Chennai | GinGly :: Build your Personal Website | CineBuzz :: Cinema News | My Kids Diary :: Kids Memories Writing :: Book Website @ 349 Rs monthly
Copyright 2005 - 2020 :: IT Acumens :: All Rights Reserved. :: Sitemap
ITAcumens Discussion Forum with 2 lakhs post running for 15 years - Powered by IT Acumens Dedicated Server