Trustwave's 2024 Retail Report Series Highlights Alarming E-Commerce Threats and Growing Fraud Against Retailers. Learn More
Get access to immediate incident response assistance.
Get access to immediate incident response assistance.
Trustwave's 2024 Retail Report Series Highlights Alarming E-Commerce Threats and Growing Fraud Against Retailers. Learn More
I've added a new (and experimental) feature to mod_security (CVS and Apache 1.x only at the moment) that greatly simplifies the process of chrooting in most cases.
Essentially, the chroot call is made from Apache itself, at the very end of the initialisation process. The beauty of it is that Apache performs everything it needs (shared libraries, log files) before the chroot call and that allows you to put only data files into the jail.
I've written a short article here:
http://www.modsecurity.org/documentation/apache-internal-chroot.html
and the link in CVS is (again, only Apache 1.x):
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/*checkout*/mod-security/mod_security/apache1/mod_security.c?rev=1.4
What I have described works perfectly for me but I am interested to hear other opinions (or experiences). If you are interested please give it a try and let me know how you feel.
Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.
Copyright © 2024 Trustwave Holdings, Inc. All rights reserved.