|
|||
security apache
Hello everyone,
I am in a freebsd 7 I need to know to secure information to secure my apache |
|
||||
the only freebsd'isms you should be aware of, is you have the option of using a Jail rather then merely a chroot.
__________________
My Journal Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''. |
|
|||
hello,
I would like to restrict access to process Apache file system in use Chrooter,I need help creating my Chrooter begin this process by creating a new folder with road /chroot/httpd PHP Code:
PHP Code:
PHP Code:
Examples of use "ldd", orders "strings" et "truss" are below PHP Code:
some command does not work PHP Code:
PHP Code:
PHP Code:
PHP Code:
PHP Code:
Using the "truss" we can also discover that the following configuration files must be present in the chroote environment: command works PHP Code:
Last edited by Nk2Network; 17th January 2009 at 10:21 PM. |
|
|||
Chrooter
hello
I admit to being difficult to understand and possible to have an explanation so I can understand Examples of use "ldd", orders "strings" et "truss" are below PHP Code: localhost# ldd /usr/local/apache/bin/httpd /usr/local/apache/bin/httpd: libcrypt.so.2 => /usr/lib/libcrypt.so.2 (0x280bd000) libc.so.4 => /usr/lib/libc.so.4 (0x280d6000) localhost# strings /usr/local/apache/bin/httpd | grep lib /usr/libexec/ld-elf.so.1 libcrypt.so.2 libc.so.4 localhost# truss /usr/local/apache/bin/httpd | grep open (...) open("/var/run/ld-elf.so.hints",0,00) = 3 (0x3) open("/usr/lib/libcrypt.so.2",0,027757775370) = 3 (0x3) open("/usr/lib/libc.so.4",0,027757775370) = 3 (0x3) open("/etc/spwd.db",0,00) = 3 (0x3) open("/etc/group",0,0666) = 3 (0x3) open("/usr/local/apache/conf/httpd.conf",0,0666) = 3 (0x3) (...) The above should not be applied only httpd program, but all libraries and binary files required some command does not work PHP Code: cp /usr/local/apache/bin/httpd /chroot/httpd/usr/local/apache/bin/ No such file or directory PHP Code: cp /var/run/ld-elf.so.hints /chroot/httpd/var/run/ command works PHP Code: cp /usr/lib/libcrypt.so.2 /chroot/httpd/usr/lib/ No such file or directory PHP Code: cp /usr/lib/libc.so.4 /chroot/httpd/usr/lib/ No such file or directory PHP Code: cp /usr/libexec/ld-elf.so.1 /chroot/httpd/usr/libexec/ command works |
|
|||
Anybody can help for my problem
|
|
||||
Maybe you could try explaining it to people in plain english?
(Note: the idea of a chroot/jail is to prevent chroot/jail'ed things from leaving their prision.)
__________________
My Journal Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
security LOG problem | paul-lkw | FreeBSD General | 5 | 9th July 2009 05:05 AM |
Upgrade Apache 1.3 mod_ssl to Apache 2.2 | beandip | FreeBSD Ports and Packages | 11 | 26th March 2009 09:12 PM |
A failure in password security | TerryP | Off-Topic | 3 | 25th September 2008 03:19 AM |
strange security run output | deadeyes | FreeBSD Security | 5 | 2nd July 2008 04:51 PM |