dpuryear
03-27-2003, 05:35 PM
Need clarification. When we were initially reviewing DSM I asked if Apache ran chroot and was told:
>5. Will DSM have any issues if I install it, along with Apache, in a chroot
>environment?
>
>DSM has a chrooted shell environment already.
A bit of a confusing answer, but I took it to mean that yes, Apache ran chroot. After getting DSM up and running I do not think that Apache is running chroot. :)
# ll /proc/995
total 0
lrwxrwxrwx 1 root root 0 Mar 27 16:13 cwd -> /
lrwxrwxrwx 1 root root 0 Mar 27 16:13 root -> /
...
Where httpd has PID 995. Call me crazy here.
So Apache does NOT run in a chroot environment.
What needs to be done to get Apache to do so? More to point, what craziness will this cause DSM?
I am surprised you don't have this already setup by default. Nor named for that matter. These are probably the two most classically vulnerable services on a Linux machine these days.
>5. Will DSM have any issues if I install it, along with Apache, in a chroot
>environment?
>
>DSM has a chrooted shell environment already.
A bit of a confusing answer, but I took it to mean that yes, Apache ran chroot. After getting DSM up and running I do not think that Apache is running chroot. :)
# ll /proc/995
total 0
lrwxrwxrwx 1 root root 0 Mar 27 16:13 cwd -> /
lrwxrwxrwx 1 root root 0 Mar 27 16:13 root -> /
...
Where httpd has PID 995. Call me crazy here.
So Apache does NOT run in a chroot environment.
What needs to be done to get Apache to do so? More to point, what craziness will this cause DSM?
I am surprised you don't have this already setup by default. Nor named for that matter. These are probably the two most classically vulnerable services on a Linux machine these days.