Setuid within chroot


Post by sychan » Tue Jul 22, 2003 8:41 pm

Hello,

I have what I think is a simple question. I have set up a chroot jail for a service, and I want my startup script to chroot and then perform the setuid to the lower privilege user (or su and then chroot, either way).

What is the easiest way to do this? After looking through the docs, it seems that what I want to do is enable the ACL system, and then put an ACL on the setuid binary. Is there a better, more straightforward way to handle this?

Thanks,
Steve

Post by lroma » Tue Oct 14, 2003 10:21 am

Have a look at daemontools: http://cr.yp.to/daemontools/setuidgid.html

Here is an example for running "program" as nobody in a chroot jail:
/usr/sbin/chroot /chroot/program /lib/setuidgid nobody program

bye,
lele
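The order of operations behind a chroot-then-setuid startup, as discussed in this thread, written as a C function. This is an added example, not code from the thread or from daemontools. It assumes uid/gid 65534 is "nobody" and that the service lives at the hypothetical path /program inside the jail.

```c
/* Added example (not from the thread): chroot first, then drop root for good. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* exposes chroot() and setgroups() on glibc */
#endif
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <unistd.h>

enum { JAIL_OK = 0, JAIL_ERR_CHDIR = -1, JAIL_ERR_CHROOT = -2,
       JAIL_ERR_GROUPS = -3, JAIL_ERR_GID = -4, JAIL_ERR_UID = -5,
       JAIL_ERR_STILL_ROOT = -6 };

/* Make `root` the new filesystem root, then switch to uid/gid.
 * Order matters: chroot() needs root, so it must come before setuid(). */
int jail_and_drop(const char *root, uid_t uid, gid_t gid)
{
    /* chdir first so the working directory cannot point outside the jail. */
    if (chdir(root) != 0)           return JAIL_ERR_CHDIR;
    if (chroot(".") != 0)           return JAIL_ERR_CHROOT;
    if (chdir("/") != 0)            return JAIL_ERR_CHDIR;

    /* Clear supplementary groups inherited from root, then gid before uid:
     * once the uid is dropped the process can no longer change its gid. */
    if (setgroups(0, NULL) != 0)    return JAIL_ERR_GROUPS;
    if (setgid(gid) != 0)           return JAIL_ERR_GID;
    if (setuid(uid) != 0)           return JAIL_ERR_UID;

    /* Verify the drop is irreversible: regaining uid 0 must fail. */
    if (uid != 0 && setuid(0) == 0) return JAIL_ERR_STILL_ROOT;
    return JAIL_OK;
}

int main(int argc, char **argv)
{
    /* Constructed defaults: jail path from the thread's example; 65534 is
     * assumed to be "nobody" (check /etc/passwd on the target system). */
    const char *jail = argc > 1 ? argv[1] : "/chroot/program";
    int rc = jail_and_drop(jail, 65534, 65534);
    if (rc != JAIL_OK) {
        fprintf(stderr, "jail_and_drop(%s): step %d failed, errno %d\n", jail, -rc, errno);
        return 1;
    }
    /* "/program" is a hypothetical path of the service inside the jail. */
    execl("/program", "program", (char *)NULL);
    perror("execl");
    return 1;
}
```

Every return value is checked because a failed setuid() that goes unnoticed leaves the service running as root inside the jail.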

