|
I have
only recently began tinkering around with freeVSD myself and cannot help with
most of your questions.
In
fact, I would like to know the answers to some of them myself. I can,
however, answer your last question.
All
communications pass through the host before they make it to the virtual
servers. Therefore, ipchains can be
used
as normal. freeVSD does use a redirection program to redirect TCP port 80
to 8080 so that Apache does
not
have to run as root. You will need to take this into consideration when
setting up your ipchains.
Hello all,
I have just joined the mailing list. And
downloaded and have browsed the doucmentation. I had a few questions before I
start loading the software up.
I understand how the vc in general work, will
learn with time the details. I looked thru the faqs and was able to glean some
information on my security issues.
The first questions is inside each vc, the
programs available to them are hard linked back to the system functions, is
this correct? ie.. the gcc compiler in their vc is hard linked back to
gcc.
Assuming the above, when there are updates to RH
all will be updated via the links back to the origional program?
Next, I usually run bastile linux to go thru and
remove suid's ect, change gcc to root only, change the system passwords so
nobody can log in as root and must su to the admin name, ect.. Tidy things up.
Will this break freevsd?
Another issue, I usually setup ipchains on the
interface, does this mean that I will have to setup ipchains on each vc? do
they talk directly to the network cards, or is communications via the
underlying system.
Any insight or pointers to the doucmentation on
this would be greatly appreciated.
Regards,
Rod Longhofer
| 