[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: chroot sockets (was: Introducing the hardening-wrapper package)
From: |
Samuel Thibault |
Subject: |
Re: chroot sockets (was: Introducing the hardening-wrapper package) |
Date: |
Fri, 3 Jun 2011 10:40:03 +0200 |
User-agent: |
Mutt/1.5.12-2006-07-14 |
olafBuddenhagen@gmx.net, le Thu 02 Jun 2011 04:13:34 +0200, a écrit :
> On Tue, May 31, 2011 at 09:35:32AM +0200, Samuel Thibault wrote:
> > You just need another partition, run debootstrap in it, and chroot
> > into it. You'll need to firmlink servers/socket/{1,2} from the root to
> > get named pipes and network sockets working.
>
> Err... What's the use of sharing the pipe server between chroot and main
> system?
So that named pipes can actually work. /tmp and /var/run and things like
that also need to be firmlinked. Else the rendez-vous between pflocal
and libc doesn't work.
Samuel