Hey plug folks, I was wondering if anyone had any good URLs for how-to's or FAQs that explain how to run Apache in a chroot jail. I'm in process of going through my server configuration and moving everything possible into a chroot jail for the extra security. The way I figure it, if someone does manage to hack into my SMTP server, or my IMAP server, or something like that, then at worst they get access to whatever is in that location, but don't get access to anything critical. I'm guessing it reduces the likelihood of someone using my system as a jumping point for spam or other hacks.
I've got the basic setup worked out for my mail servers and my DNS server. The only other open TCP port on this machine (besides 22 for ssh, obviously) is http/80. I know Apache has a module for running things in a chroot environment (mod_root?) but I've never used it, nor until just recently tried to migrate things to a chroot environment. So I'm looking for documents that show the process. Any suggestions are welcome. Basically I'm trying to minimize the exposure in case someone does try to hack me. :) --- Dan /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
