[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] rsync files
From: |
Bas Jansen |
Subject: |
Re: [Jailkit-users] rsync files |
Date: |
Thu, 05 Jan 2006 17:19:47 +0100 |
ps: ik ben tot maandag niet op me werk dus als je een eventueel antwoord
ook kan mailen naar address@hidden aub
Bas
On Thu, 2006-01-05 at 10:42 +0100, Bas Jansen wrote:
> Found a critical bug... (like not using the jail in the rsb script at
> all, forgot to add the username to host in it). Will send new file for
> this later today.
>
> Sorry for the inconvenience.
>
> On Thu, 2006-01-05 at 09:13 +0100, Bas Jansen wrote:
> > No it's quite different (if you meant the first version), on the server
> > sides you now have a read only mount (bind in the 1 i spread out, might
> > switch to loopback to save on disk space) that only contains the setuid
> > rooted rsync, the libraries and the etc user file (for just that jail
> > user). Then there is a no-dev, no-suid, no-exec writeable mount mounted
> > under that other mount as /data where the stuff is actually written.
> >
> > This means that you can't read device files from the backup, can't
> > modify any files that are used in the jail itself since they are
> > read-only.
> >
> > Hope that explains a bit? ... i should draw a simple model of it some
> > time to make it easily visible i guess :P
> >
> > Greetings,
> > Bas
> >
> > On Wed, 2006-01-04 at 23:18 +0100, Olivier Sessink wrote:
> > > Bas Jansen wrote:
> > >
> > > > THIS way i am more convinced that it's (near?) unbreakable....
> > >
> > > what exactly is more unbreakable than your previous setup? it's the same
> > > idea on the server, right?
> > >
> > > Olivier
> > >
> > >
> > > _______________________________________________
> > > Jailkit-users mailing list
> > > address@hidden
> > > http://lists.nongnu.org/mailman/listinfo/jailkit-users
> >
> >
> >
> > _______________________________________________
> > Jailkit-users mailing list
> > address@hidden
> > http://lists.nongnu.org/mailman/listinfo/jailkit-users
>
>
>
> _______________________________________________
> Jailkit-users mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/jailkit-users
Re: [Jailkit-users] chrootsh login problem, Olivier Sessink, 2006/01/04