[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] rsync files
|
From: |
Bas Jansen |
|
Subject: |
Re: [Jailkit-users] rsync files |
|
Date: |
Thu, 05 Jan 2006 10:42:14 +0100 |
Found a critical bug... (like not using the jail in the rsb script at
all, forgot to add the username to host in it). Will send new file for
this later today.
Sorry for the inconvenience.
On Thu, 2006-01-05 at 09:13 +0100, Bas Jansen wrote:
> No it's quite different (if you meant the first version), on the server
> sides you now have a read only mount (bind in the 1 i spread out, might
> switch to loopback to save on disk space) that only contains the setuid
> rooted rsync, the libraries and the etc user file (for just that jail
> user). Then there is a no-dev, no-suid, no-exec writeable mount mounted
> under that other mount as /data where the stuff is actually written.
>
> This means that you can't read device files from the backup, can't
> modify any files that are used in the jail itself since they are
> read-only.
>
> Hope that explains a bit? ... i should draw a simple model of it some
> time to make it easily visible i guess :P
>
> Greetings,
> Bas
>
> On Wed, 2006-01-04 at 23:18 +0100, Olivier Sessink wrote:
> > Bas Jansen wrote:
> >
> > > THIS way i am more convinced that it's (near?) unbreakable....
> >
> > what exactly is more unbreakable than your previous setup? it's the same
> > idea on the server, right?
> >
> > Olivier
> >
> >
> > _______________________________________________
> > Jailkit-users mailing list
> > address@hidden
> > http://lists.nongnu.org/mailman/listinfo/jailkit-users
>
>
>
> _______________________________________________
> Jailkit-users mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/jailkit-users
Re: [Jailkit-users] chrootsh login problem, Olivier Sessink, 2006/01/04