Chroot doesn't provide the resource restrictions (needed to provide security) that things like OpenVZ, Solaris Zones and BSD Jails do. See http://kerneltrap.org/Linux/Abusing_chroot
If your running a distro with a recent kernel and the lxc userspace utilities, lxc would do what you're looking for. It is however new, OpenVZ is a lot more mature. On Thu, Sep 2, 2010 at 11:15 AM, Rich Shepard <[email protected]>wrote: > Is it possible, and practical, to isolate a Web site in a chroot jail > that > would protect other, internal, applications if the site was cracked? > > Thanks, > > Rich > _______________________________________________ > PLUG mailing list > [email protected] > http://lists.pdxlinux.org/mailman/listinfo/plug > -- Dwight Hubbard Owner Effective Automation Solutions Website: http://effectiveautomationsolutions.com Blog: http://computing.dwighthubbard.info Email: [email protected] Phone: (503) 941-0327 Toll Free: (866) 396-1198 Redhat Certified Engineer - RHCE #804007137224095 VMware Certified Professional - VCP #18529 _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
