I am using the following watchdog.conf to CHROOT & jail resin.
<user name="harry" password="MD5HASH=="/>
After running the watchdog and starting the domain, I am able to use file.io
to read any file on the server. I want to prevent virtual hosts from
reading files that they shouldn't have access to. I think that I must be
missing something somewhere, but I'm not sure what? I know that CHROOT/JAIL
typically has many steps involved with Tomcat, is that the same with Resin?
Last twist::::If I am running Resin in conjunction with Apache does that
cause additional CHROOT issues?
Can resin handle multiple certs for virtual hosts using a watchdog.conf
setup? I primarily use apache for mod_rewrite & ssl certificates.
resin-interest mailing list