kazuho / Jailing

super-easy chroot jail builder/runner for Linux

jailing

Jailing is a minimalistic, super-easy chroot jail builder/runner script.

It is by no means a container service, nor does it try to be. It is a helper tool for running a program in a restricted environment, preventing it from making changes to other parts of the host even if it gets cracked.

When invoked, it automatically sets up the chroot environment by doing the following, and then executes the given command within that environment.

  • remount system directories as read-only under the chroot directory tree
  • copy setting files (/etc/passwd, /etc/resolv.conf, etc.)
  • drop all capabilities (see man 7 capabilities)

The tool by default does NOT expose directories that likely contain user-data (e.g. /usr/local, /home, /var). Such directories should be exported explicitly to the jail by using the --bind option.

For example, if you have Apache HTTP server installed under /usr/local/apache, and want to run it under a jailed environment, simply run:

% sudo jailing --root=/var/httpd-jail --bind /usr/local/apache \
    -- \
    /usr/local/apache/bin/httpd -c /usr/local/apache/conf/httpd.conf

For more information, consult man jailing.
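
To confirm from the host that a jailed process ended up as the list above describes (no capabilities held, system directories read-only), the following added example reads /proc/PID/status and /proc/PID/mountinfo. It is not part of jailing; the function names, the PROC_DIR override, the allow-list argument and the choice to check CapPrm, CapEff and CapBnd are assumptions of this example.

```shell
#!/bin/sh
# Added example (not part of jailing): audit a jailed process through /proc.
# Usage: audit_jail PID ["space-separated mount points expected to be writable"]
# PROC_DIR can be overridden to run the checks against saved copies of the files.
PROC_DIR=${PROC_DIR:-/proc}

# Print each capability set in a status file that is not all zeros.
# Which sets to check (permitted, effective, bounding) is this example's choice.
nonzero_caps() {
    awk '/^Cap(Prm|Eff|Bnd):/ { if ($2 !~ /^0+$/) print $1, $2 }' "$1"
}

# Print mount points whose per-mount options lack "ro" and that are not in the
# allow-list. mountinfo fields: 5 = mount point, relative to the root of the
# process the file belongs to; 6 = per-mount options (where a read-only bind
# remount shows up).
writable_mounts() {
    awk -v allow="$2" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        {
            m = split($6, opt, ","); ro = 0
            for (i = 1; i <= m; i++) if (opt[i] == "ro") ro = 1
            if (!ro && !($5 in ok)) print $5
        }' "$1"
}

# Return 0 only if no capability set is non-zero and no unexpected mount is writable.
audit_jail() {
    pid=$1; allow=$2; rc=0
    caps=$(nonzero_caps "$PROC_DIR/$pid/status")
    if [ -n "$caps" ]; then
        echo "capabilities still held:"; echo "$caps"; rc=1
    fi
    rw=$(writable_mounts "$PROC_DIR/$pid/mountinfo" "$allow")
    if [ -n "$rw" ]; then
        echo "unexpected writable mounts:"; echo "$rw"; rc=1
    fi
    return $rc
}

# Run the audit when the script is called with arguments.
if [ $# -ge 1 ]; then audit_jail "$@"; fi
```

Pass the directories you deliberately exported as writable (for the Apache example, /usr/local/apache) as the second argument so they are not reported.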

INSTALLATION

% perl Makefile.PL
% make
% sudo make install

LICENSE

MIT