Hans-Werner Hilse wrote:
This won't work. Apache doesn't have inbuilt chroot facilities, AFAIK. Like most of the other standard internet services. You would have to setup a chroot env (all dependant libraries and stuff) for that. But there's nothing similar to a chroot automatic in apache. BTW, such a thing would probably break all CGIs.
I got this idea reading "Securing & Optimizing Linux 3.0", where apache and php is running in chroot (+ a few more services like ssh, snort, ntp, bind, dhcp, ldap, mod_perl). Unfortunatelly, the book is a little out-of-date, and it is not easy to apply it to gentoo. But I think running apache+php+mod_perl in chroot would be definitelly nice feature... Jarry -- [email protected] mailing list
