chroot_safe News
Brought to you by:
hno
Menu
▾
▴
Posted by
2005-04-09
Posted by
2004-09-13
Posted by
2004-09-09
Posted by
2004-06-11
chroot_safe / News: Recent posts
chroot_safe 1.4 released
chroot_safe is a tool to chroot any dynamically linked application in a safe and sane manner. It is designed to replace chroot and su nobody -c while at the same time addressing some of the major shortcomings of these tools. It was originally designed for chrooting anoncvs servers, but is equially useful numerous other applications where you need chroot for security.
Version 1.4 contains updated documentation better explaining the purpose and function of this security tool.... read more
2005-04-09
chroot_safe 1.3 (stable) released
chroot_safe is a small tool replacing chroot and friends, allowing you to chroot almost any application in a sane and safe manner.
Version 1.3 is a security update to remove the NEED_SETUID_WRAP option. This option has been available since the initial release, but was turned on by default in version 1.2. Only after the release of 1.2 was it realized that this option actually invalidates part of the purpose of chroot_save, as it not only nullifies setuid() and similar calls for the application but also for chroot_safe itself, causing chroot_safe to not drop root privileges. Users of version 1.1 are not affected unless they have manually enabled the NEED_SETUID_WRAP option.... read more
2004-09-13
chroot_safe 1.2 released
chroot_safe 1.2 released
chroot_safe is a small tool replacing chroot and friends, allowing you to chroot almost any application in a sane and safe manner.
version 1.2 is an update to increase portability. The software is now verified on Solaris on addition to Linux and FreeBSD and is expected to run on mostly any UNIX like system with LD_PRELOAD support.
You can find this latest release here:
https://sourceforge.net/project/showfiles.php?group_id=110671&package_id=119556
2004-09-09
chroot_safe 1.1 (stable) released
A new tool has emerged on the security field to ease the job of security minded server administrators.
chroot_safe greatly simplifies the job of chrooting server applications by minimizing the number of files required within the chroot jail, and also combines the functions of chroot and su -c in one single and easy to use tool.
The big difference from other "chroot" type tools is that chroot_safe can chroot any dynamically linked application anywhere without requiting the application or any of it's libraries to be present within the chroot jail. By utilizing some dynamic linking magics via LD_PRELOAD chroot_safe instruments dynamically linked applications with the code required to chroot and drop root privileges just after dynamic linking has completed but before the application as such is started.... read more
2004-06-11
