|
From: | Olivier Sessink |
Subject: | Re: [Jailkit-users] RE: _init error: chrootdir is not safe |
Date: | Tue, 04 Jul 2006 08:03:56 +0200 |
User-agent: | Thunderbird 1.5.0.4 (X11/20060619) |
Dex Chen wrote:
Thanks for the response. Yes, the parent dir(s) of the JAILROOT requires group write in this case.
perhaps the check is too strict, but I'm not completely sure. A jail is safe if the rootdir of the jail is only writable for user root.
But I'm not sure about this: if the parent is writable for some other user (or group), he/she can for example rename the jaildir and replace it with a unsafe one, correct? If so that would make the jail insecure..
regards, Olivier
[Prev in Thread] | Current Thread | [Next in Thread] |