Hey guys I'm really interested in using jailkit for my company's servers. I have installed jailkit on several distros and in several ways, including all the various scenarios described on the website. I find jailkit to be much preferable to building a chroot environment manually. Also, it's so fast and easy I've had more time to contemplate questions of security such as:
Why is the passwd file inside the chroot used? Isn't this (kinda) insecure, as one could perhaps change this file and change the UID of the user to 0? I got this question while reading:
http://www.unixwiz.net/techtips/chroot-practices.html What would be the best way to modify jailkit to take this into account? Also, what about using the -r option for bash when starting a bash session to be used for only one command (say, cvs)?