stas 02/03/25 07:41:50
Modified: src/docs/1.0/guide Changes.pod help.pod multiuser.pod
Log:
- add jail(8) info [Andrew McNaughton]
- add chroot(1) info and urls
Revision Changes Path
1.3 +12 -0 modperl-docs/src/docs/1.0/guide/Changes.pod
Index: Changes.pod
===================================================================
RCS file: /home/cvs/modperl-docs/src/docs/1.0/guide/Changes.pod,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- Changes.pod 21 Mar 2002 10:16:35 -0000 1.2
+++ Changes.pod 25 Mar 2002 15:41:50 -0000 1.3
@@ -11,6 +11,18 @@
=head1 ??? ver 1.32
+* guide::multiuser
+
+ o chroot(1) info
+
+ o jail(8) info (Andrew McNaughton)
+
+* guide::help
+
+ o chroot(1) urls
+
+ o jail(8) urls (Andrew McNaughton)
+
* guide::install
o James G Smith has uploaded his Apache Builder to CPAN, update the
1.8 +9 -1 modperl-docs/src/docs/1.0/guide/help.pod
Index: help.pod
===================================================================
RCS file: /home/cvs/modperl-docs/src/docs/1.0/guide/help.pod,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- help.pod 20 Mar 2002 17:43:04 -0000 1.7
+++ help.pod 25 Mar 2002 15:41:50 -0000 1.8
@@ -564,7 +564,7 @@
http://www.engelschall.com/pw/apache/rewriteguide/
-=item * articles
+=item * Security:
Security and Apache: An Essential Primer
http://linuxplanet.com/linuxplanet/print/1527/
@@ -574,6 +574,14 @@
Installing and Securing the Apache Webserver with SSL
http://www.securityfocus.com/infocus/1356
+
+The jail(1) facility:
+http://docs.freebsd.org/44doc/papers/jail/jail.html,
+http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/jail.html.
+
+The chroot(1) facility:
+http://www.bpfh.net/simes/computing/chroot-break.html and
+http://penguin.epfl.ch/chroot.html.
=item * mod_throttle_access
1.6 +6 -0 modperl-docs/src/docs/1.0/guide/multiuser.pod
Index: multiuser.pod
===================================================================
RCS file: /home/cvs/modperl-docs/src/docs/1.0/guide/multiuser.pod,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- multiuser.pod 20 Mar 2002 17:43:04 -0000 1.5
+++ multiuser.pod 25 Mar 2002 15:41:50 -0000 1.6
@@ -59,6 +59,12 @@
connection from the pool of cached connections even if it was opened
by someone else and your scripts are running on the same web server.
+Yet another security issue is a potential compromise of the systems
+via user's code running on the webservers. One of the possible
+solutions here is to use chroot(1) or jail(8) mechanisms which allow
+to run subsystems isolated from the main system. So if a subsystem
+gets compromised the whole system is still safe.
+
There are many more things to be aware of so at this time you have to
say I<No>.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
