HPE Community
Operating System - HP-UX
1836698 Members
2493 Online
110108 Solutions
New Discussion

chroot question?

 
SOLVED
Go to solution
rveri
Super Advisor

‎07-23-2006 03:54 PM

‎07-23-2006 03:54 PM

chroot question?

Hi all,
What is chroot and what is the use.

Thanks.
0 Kudos
Reply
4 REPLIES 4
Victor Fridyev
Honored Contributor

‎07-23-2006 04:55 PM

‎07-23-2006 04:55 PM

Re: chroot question?

Hi,

chroot is a possibility to define some directory as the upper (root) directory for an application or user[s].
This permits to define areas which are accessible for users or applications. For example, chroot can limit ftp users not to see directories except /home/ftpusers.


The details you can see in
man chroot and man 1m chroot

HTH
Entities are not to be multiplied beyond necessity - RTFM
Reply
Arunvijai_4
Honored Contributor

‎07-23-2006 05:43 PM

‎07-23-2006 05:43 PM

Solution

Re: chroot question?

Hi,

Here is a good article about "chroot" : http://en.wikipedia.org/wiki/Chroot

-Arun
"A ship in the harbor is safe, but that is not what ships are built for"
Reply
Steven E. Protter
Exalted Contributor

‎07-23-2006 05:48 PM

‎07-23-2006 05:48 PM

Re: chroot question?

Shalom,

chroot is referred to often as the chroot jail.

It is a security method that keeps a process or user in a limited environment.

Say the user logs in and normally gets /home/username as home directory.

In a normal environment that user can cd / to root

In a chroot environment /home/username becomes root and the user can't move up to root and do harm.

The downside is that the user loses access to many necessary commands and a chroot configuration needs to provide that access to users.

The neat thing about chroot is its not just for users. DNS/Bind is commonly run in a chroot jail. HP's apache server ships with a configuration script to run it in a chroot jail.

In the case of an appliction, lets say a malicious web user figures out how to override apache and get a shell prompt. If its running in a chroot jail the user can do almost nothing with this session.

Quite useful, though not so easy to configure.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Raj D.
Honored Contributor

‎07-23-2006 07:21 PM

‎07-23-2006 07:21 PM

Re: chroot question?

Hi ,

You can check this documents as well,

New user and chroot configuration

http://docs.hp.com/en/T1471-90011/ch01s12.html



chroot-example:

http://hoohoo.ncsa.uiuc.edu/docs/tutorials/chroot-example.html


Cheers,
Raj.
" If u think u can , If u think u cannot , - You are always Right . "
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.