Not sure if I posted this ealier:

http://www.gsyc.inf.uc3m.es/~assman/jail/index.html

One of the few projects I've found to have almost a complete solution there...

Looks to easy for my liking :p

Good find you have there, looks as simple as it can get to use... have you tried it yet?

Originally posted by ProWebUK
Looks to easy for my liking :p

Good find you have there, looks as simple as it can get to use... have you tried it yet?


Nope.. But since some of its C I'm sure John will be happy :)

I don't have a box I can test the jail on right now...

I've actually got a really basic ssh jail working right now, with a full program copier (even searches and copies dependant libraries), but it's untested and not ready for release. The only thing left to figure out is apache's suexec patch to chroot cgi's. But agian, it's just a time issue (working on FreeBSD 5.1 right now).

John

Originally posted by DirectAdmin Support
The only thing left to figure out is apache's suexec patch to chroot cgi's.


I'll try to find the best method and get back to ya...

http://www.devet.org/apache/chroot/
http://www.modsecurity.org/documentation/apache-internal-chroot.html


They aren't perfect but since your a C programmer John you might be able to mod them to your specs..

I Hate to bring an old topic back to life, but I've got a LOT of users looking for a secure jailed environment.

I know SSH is technically "available" to users, but I don't feel comfortable opening an unjailed environment up to the world.

Any progress on this John?

Havn't touched it in a while. Doing other things like multi server control.

John

Originally posted by DirectAdmin Support
Doing other things like multi server control.

Oh! When will that be implemented? Sounds exciting...
:D

Matt :)

I think it has been mentioned that it could be included in a v2 release in a previous thread.