On 10/10/07 16:32, Chris Rapier wrote:
> Just as a note:
> http://kerneltrap.org/Linux/Abusing_chroot

Of course chroot can be abused. You have to know what you're doing to
set it up correctly.

> This isn't to say that chroot jails aren't useful. Only that they aren't
> a fix all. Further exploration of other methodologies seems like it
> would be an overall benefit to the community.

For me, ssh is so far from providing application security as to make it
a non-starter.

[Top-posting is a sign of fuzzy thinking.]

Jefferson Ogata
NOAA Computer Incident Response Team (N-CIRT)
"Never try to retrieve anything from a bear."--National Park Service
openssh-unix-dev mailing list