I am using the following watchdog.conf to CHROOT & jail resin.
<resin xmlns="http://caucho.com/ns/resin";>
  <user name="harry" password="MD5HASH=="/>
  <watchdog id=www.domain.com>
After running the watchdog and starting the domain, I am able to use file.io
to read any file on the server.  I want to prevent virtual hosts from
reading files that they shouldn't have access to.  I think that I must be
missing something somewhere, but I'm not sure what?  I know that CHROOT/JAIL
typically has many steps involved with Tomcat, is that the same with Resin?
Last twist::::If I am running Resin in conjunction with Apache does that
cause additional CHROOT issues?
Can resin handle multiple certs for virtual hosts using a watchdog.conf
setup?  I primarily use apache for mod_rewrite & ssl certificates.
resin-interest mailing list

Reply via email to