chroot sockets (was: Introducing the hardening-wrapper package)

bug-hurd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

chroot sockets (was: Introducing the hardening-wrapper package)

From:	olafBuddenhagen
Subject:	chroot sockets (was: Introducing the hardening-wrapper package)
Date:	Thu, 2 Jun 2011 04:13:34 +0200
User-agent:	Mutt/1.5.21 (2010-09-15)

Hi,

On Tue, May 31, 2011 at 09:35:32AM +0200, Samuel Thibault wrote:

> You just need another partition, run debootstrap in it, and chroot
> into it. You'll need to firmlink servers/socket/{1,2} from the root to
> get named pipes and network sockets working.

Err... What's the use of sharing the pipe server between chroot and main
system?

For the network stack, it certainly does make sense to share the server
-- though in many situations it might be preferable to use an extra
pfinet instance too. (With different IP address of course...)

-antrik-

[Prev in Thread]

Current Thread

[Next in Thread]

chroot sockets (was: Introducing the hardening-wrapper package), olafBuddenhagen <=
- Re: chroot sockets (was: Introducing the hardening-wrapper package), Thomas Bushnell, BSG, 2011/06/02
  - Re: chroot sockets, olafBuddenhagen, 2011/06/18
- Re: chroot sockets (was: Introducing the hardening-wrapper package), Samuel Thibault, 2011/06/03
  - Re: chroot sockets, olafBuddenhagen, 2011/06/18
    - Re: chroot sockets, Samuel Thibault, 2011/06/18
    - Re: chroot sockets, olafBuddenhagen, 2011/06/26

Prev by Date: Re: IRC meeting 2011-05-25 (Wednesday!)
Next by Date: Re: chroot sockets (was: Introducing the hardening-wrapper package)
Previous by thread: Re: IRC meeting 2011-05-25 (Wednesday!)
Next by thread: Re: chroot sockets (was: Introducing the hardening-wrapper package)
Index(es):
- Date
- Thread