|
From: | Olivier Sessink |
Subject: | Re: [Jailkit-users] chroot Jail for Python |
Date: | Wed, 06 Jun 2007 08:23:24 +0200 |
User-agent: | Icedove 1.5.0.10 (X11/20070329) |
Gregory Piñero wrote:
Well, there's a fakeroot (that you're talking about) and then there's a fakeCHroot which is the one I was talking about. See what you think about the one I'm talking about: http://fakechroot.alioth.debian.org ?
oh sorry, missed that ;-)fakechroot seems to work in the same way as fakeroot: it also replaces the chroot() system call with a system call that doesn't need root privileges and that 'fakes' it instead. See its man page: fakechroot is a regular, non-setuid program. It does not enhance a user's privileges, or decrease the system's security.
jk_uchroot is the real thing. it is a setuid binary that does the real chroot() call and drops the root privileges afterwards. But it does really give you more security. And you really need to be root to install it.
regards, Olivier
[Prev in Thread] | Current Thread | [Next in Thread] |