Linux Orbit: Chroot Jails Made Easy with the Jail Chroot Project
Oct 15, 2002, 11:30 (1 Talkback[s])
(Other stories by John Gowin, Chris Heaven)
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
[ Thanks to John
Gowin for this link. ]
"There are always difficult jobs to do as a GNU/Linux system
administrator. Sometimes the difficulty lies in finding out how to
do a particular job, not neccessarily the job itself. This can be
particularly true in the open source world where documentation can
often take a back seat to implementation. But once in a while, you
can stumble on a real gem that simplifies even the most difficult
administration tasks. One such gem is the Jail Chroot Project.
"So what is a 'chroot jail'?
"Essentially it is a security method for creating a safe user
enviroment on systems that allow remote access accounts. The 'jail'
locks users into a virtual directory structure and grants access
only to applications created for the jailed users by the
administrator. It has long been a standard for hosting companies to
create remote access accounts with this method, but the process was
far from simple. Creating each account took many steps and needed
thorough testing to assure system security..."