Didn't look at the security issues as i trying to understand the chroot mecanism Not only for Apache but also for Squid and bind ! I think this module can increase the security in the near future ! Kind Regards, Farid. On Wed, 2 Mar 2005 15:21:22 +0200, John <isofroni@xxxxxxxxx> wrote: > Ok, but if you look in the bugs history then you will find that mod_security > has been suffering > from various security problems. > > I have heard that it is a good module for chroot and other security > hardening. > > > ----- Original Message ----- > From: "Farid Izem" <farid.izem@xxxxxxxxx> > To: <users@xxxxxxxxxxxxxxxx> > Sent: Wednesday, March 02, 2005 10:33 AM > Subject: Re: [users@httpd] Problem Starting Apache Chrooted > > > Yes, i said Mod_security not mod_chroot : > > Take a look at : > > > http://www.modsecurity.org/documentation/apache-internal-chroot.html > > > > Best Regards, > > > > Farid. > > > > On Tue, 1 Mar 2005 20:53:39 +0200, John <isofroni@xxxxxxxxx> wrote: > > > ----- Original Message ----- > > > From: "Farid Izem" <farid.izem@xxxxxxxxx> > > > To: <users@xxxxxxxxxxxxxxxx> > > > Sent: Tuesday, March 01, 2005 7:39 PM > > > Subject: Re: [users@httpd] Problem Starting Apache Chrooted > > > > > > > Not yet thinking on ! > > > > I compiled my apache from the lastest source before chrooting it. > > > > Maybe using a shell script using ldd command may be the first way to > look > > > at. > > > > Using rpm httpd file and mod_security is the easiest solution to > upgrade > > > > Because mod_security provide a simple solution to chroot easily > apache. > > > > There are some limits to this mecanism but maybe i could be enought > for > > > you. > > > > > > > > Any ideas on are welcome ! > > > > > > > > Kind Regards, > > > > > > > > Farid > > > > > > > > > > > > > > mod_security or mod_chroot ? > > > mod_chroot is mote focused on chrooting apache's process i think. > > > > > > What are the limitions you mentioned on this mechanism? > > > > > > --------------------------------------------------------------------- > > > The official User-To-User support forum of the Apache HTTP Server > Project. > > > See <URL:http://httpd.apache.org/userslist.html> for more info. > > > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > > > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > > > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > > > > > > > > > --------------------------------------------------------------------- > > The official User-To-User support forum of the Apache HTTP Server Project. > > See <URL:http://httpd.apache.org/userslist.html> for more info. > > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|