Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to jail a process in his repertory ?
Special Forums Cybersecurity How to jail a process in his repertory ? Post 302581289 by jim mcnamara on Monday 12th of December 2011 03:57:37 PM
Old 12-12-2011
You cannot chroot a process, you chroot jail a user account.

Create a user that has a home directory: /repertory/to/process, so /reprtory is really / for that user.

There are guides for for how to do this - most examples use ssh user accounts - here is an example:
Building a Secure User Environment with SSH ChRoot
 

8 More Discussions You Might Find Interesting

1. Linux

how can i jail a user?

I created a user useradd -d /disk2/ftpfiles me How would i beable to jail me so he could not move arround my file system? (4 Replies)
Discussion started by: byblyk
4 Replies

2. UNIX for Advanced & Expert Users

FBSD jail question

I'm trying to establish a jail on a FBSD 6.1 system and have a couple of questions on bringing up the daemon. Under the jail man page there are two user flags that I am unclear on, -u username The user name from host environment as whom the command should run. -U... (1 Reply)
Discussion started by: thumper
1 Replies

3. What is on Your Mind?

Should Paris Hilton be in Jail?

Enough of boring techie topics!! Vote on Paris Hilton and her jail time!! What do you think? (9 Replies)
Discussion started by: Neo
9 Replies

4. UNIX for Dummies Questions & Answers

How to start a chroot jail?

I was reading an article on how it is very important to setup a chroot jail to run bind. I can follow what the article says but one thing I am unclear about is now on system boot the BIND process in the chroot jail will start since it the owner will no longer be root but some other user. Can... (1 Reply)
Discussion started by: mojoman
1 Replies

5. Solaris

How to Jail ftp user

Hi Gurus, I am creating a user for ftp only on Solaris 10. However while testing I can see user can reach to root directory. I followed following while creating the user 1 Created a shell in /usr/bin/ftponly as chmod a+x to ftponly 2 Placed the entry in /etc/shells ... (2 Replies)
Discussion started by: kumarmani
2 Replies

6. UNIX for Advanced & Expert Users

ssh jail user

I have a developer that needs ssh access to a server to get to a specific directory. I want to restrict them to that directory. I've tried to set their shell as rksh which does jail them but only if they are using ssh from another unix system. If they are using putty or winscp they can still... (2 Replies)
Discussion started by: toor13
2 Replies

7. Shell Programming and Scripting

Need help with if an extension exists in a certain repertory

Hi, I was wondering if you can help me with verifying if certain extension exists in /var/log with an if statement. Basically I'm trying to see if there is a .Gz extension in the repertory /var/log. My code: if ; then echo ¨ The extension exist¨ else echo ¨theres no extension¨ fi ... (2 Replies)
Discussion started by: Froob
2 Replies

8. Cybersecurity

How to jail a process?

Hello people, I'm creating a web game control panel, where people can manage their gameserver on a php made control panel. But i have no idea how to create an jailed inviroment for the gameserver, I've looked at possebilites for chroot, but i don't want the gameserver has any binaries of linux... (1 Reply)
Discussion started by: gm33
1 Replies

LEARN ABOUT FREEBSD

pam_chroot

PAM_CHROOT(8)						    BSD System Manager's Manual 					     PAM_CHROOT(8)

NAME

     pam_chroot -- Chroot PAM module

SYNOPSIS

     [service-name] module-type control-flag pam_chroot [arguments]

DESCRIPTION

     The chroot service module for PAM chroots users into either a predetermined directory or one derived from their home directory.  If a user's
     home directory as specified in the passwd structure returned by getpwnam(3) contains the string ``/./'', the portion of the directory name to
     the left of that string is used as the chroot directory, and the portion to the right will be the current working directory inside the chroot
     tree.  Otherwise, the directories specified by the dir and cwd options (see below) are used.

     also_root	Do not hold user ID 0 exempt from the chroot requirement.

     always	Report a failure if a chroot directory could not be derived from the user's home directory, and the dir option was not specified.

     cwd=directory
		Specify the directory to chdir(2) into after a successful chroot(2) call.

     dir=directory
		Specify the chroot directory to use if one could not be derived from the user's home directory.

SEE ALSO

     pam.conf(5), pam(8)

AUTHORS

     The pam_chroot module and this manual page were developed for the FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research Division
     of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the DARPA CHATS research program.

BSD
								 February 10, 2003							       BSD
All times are GMT -4. The time now is 06:51 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy