Forgot your password?
typodupeerror
Security Software Linux

When Not to Use chroot 407

Posted by CowboyNeal
from the trust-no-one dept.
Hyena writes "Linux guru Alan Cox is quoted as saying 'chroot is not and never has been a security tool' in a KernelTrap article summarizing a lengthy thread on the Linux Kernel mailing list. The discussion began with a patch attempting to 'fix a security hole' in the Unix chroot command, trying to improve the ability of chroot to contain a process. When it was pointed out that people have been using chroot as a security tool for years, another kernel hacker retorted, 'incompetent people implementing security solutions are a real problem.' A quick search on the terms 'chroot+security' quickly reveals that many people have long thought (wrongly) that chroot's purpose was for improving security."
This discussion has been archived. No new comments can be posted.

When Not to Use chroot

Comments Filter:

I am here by the will of the people and I won't leave until I get my raincoat back. - a slogan of the anarchists in Richard Kadrey's "Metrophage"

Working...