"Logging" In to a chroot
At this point, you'll be able to access the chroot with a command such as $ chroot /chroot/ bash, which will chroot you into the /chroot/ directory and execute bash from within it.
As I mentioned, chroot is not an inherently secure method for isolating applications. By not logging into the chroot as a privileged user such as root, and by removing any setuid and setgid binaries that run with elevated privileges, you can ensure that nothing runs as root within the chroot environment:
# find / -type f -perm +6000
Sandboxing is now easier than ever and its benefits have never been more important. Isolating badly written web applications from the underlying operating system or letting an administrator install a program without affecting the system can save both time and money. Like anything, prevention and foresight can significantly reduce the amount of work needed to maintain and fix a system long term, and sandboxing offers a practical tool to accomplish this.
- Bochs: http://bochs.sourceforge.net/
- KVM: http://kvm.qumranet.com/kvmwiki
- OpenVZ: http://openvz.org/
- QEMU: http://fabrice.bellard.free.fr/qemu/
- User-Mode Linux: http://user-mode-linux.sourceforge.net/
- VMware Server http://www.vmware.com/products/server/
- VirtualBox: http://www.virtualbox.org/
- XEN: http://xensource.com/
- Debian chroot instructions: http://www.debian.org/doc/manuals/reference/ch-tips.en.html#s-chroot
- Free VPS: http://www.freevps.com/
- Linux-VServer: http://linux-vserver.org/
- AppArmor: http://www.novell.com/linux/security/apparmor/
- SELinux: http://www.nsa.gov/selinux/
Buy this article as PDF
Linux Magazine will include the best of both magazines.
Popular open source encryption tool is vulnerable to attack
New “Yakkety Yak” edition emphasizes cloud and servers
Google finally enters the phone hardware business.
Innovative system adds a hard drive and Ubuntu Core to the RPi for an IoT hub.
Linux is two weeks younger than we thought!
The Apache Software Foundation considers retiring OpenOffice
Adobe won’t kill the plugin in 2017
Linux Foundation's big event celebrates the 25th anniversary of Linux