chroot+Apache: possible to place logfiles outside chroot cell?

chroot+Apache: possible to place logfiles outside chroot cell?

Post by Dorothea Mücke-Herzber » Fri, 13 Aug 1999 04:00:00



Hi there,

I was wondering whether there is a way to place the apache logfiles
outside of a chroot cell, so that they aren't accessible to some
creative
soul, who gained access to the chroot cell. (running Linux 2.2.6)

The ErrorLog directive already has the facility to pass the errors to
syslogd (which can bind to several /dev/log so that it can pick up
messages
in the chroot cell and place them in /var/log/messages), but what about
the other
log files?

Any ideas?

thanx

Dorothea

 
 
 

chroot+Apache: possible to place logfiles outside chroot cell?

Post by Tony Finc » Fri, 13 Aug 1999 04:00:00



>I was wondering whether there is a way to place the apache logfiles
>outside of a chroot cell, so that they aren't accessible to some
>creative soul, who gained access to the chroot cell. (running Linux
>2.2.6)

>Any ideas?

Probably the easiest and most secure way to do it is to change Apache
so that each child chroots just after it is forked off. The parent
then remains outside the chroot for opening log files etc. You have to
make sure that all the relevant pathnames work both inside and outside
the chroot.

Tony.
--


 
 
 

1. BIND config tool + How do I select between chroot and no chroot?

I am having problems setting up a (very basic) DNS server in my new
RedHat Linux box. I have found some references to a BIND Configuration
Tool, which is nowhere to be found.

I would like to start with a simple configuration, without the chroot
jail.

 - How do I turn off chroot?

 - Where can I find some sort of BIND Configuration Tool?

TIA,

-Ramon

2. Help Linux Mandrake 8.1!!!

3. Running chroot applications in a chroot environment

4. XConfig wanted for:

5. placing session in chroot'ed environment

6. What's the best K6-3 mobo?

7. How to chroot Apache in OpenBSD 2.9?

8. Explain "7340036" in ctime.c

9. chroot apache

10. chroot apache 1.3.22 on aix 4.3.3

11. PHP's exec() in Apache chroot

12. Apache 1.3.20 and chroot

13. Apache's suexec with chroot?