[mpm-itk] mpm_itk and chroot

Gregy gregy at gregy.cz
Mon Jan 4 21:12:06 CET 2010


> No; unixd_setup_child() does lots of stuff which is directly incompatible
> with the way mpm-itk works. I could copy out the chroot stuff into mpm-itk,
> but I honestly don't see the point; it doesn't really win you much security,
> and it would require an extra capability to be added to mpm-itk's set. Just
> set your permissions correctly :-)

I am not sure if it really works this way but to suid itk has to run
code as root, wouldn't it be safer to be chrooted? Or is chroot so
easy to get through it doesn't matter?



More information about the mpm-itk mailing list