Chroot Users With sftp

General Information

This walkthrough will root your users to their home directory for those users you don’t want browsing all over your FreeBSD machine. I would suggest doing this at your console or possibly running a script to kill all the running sshds and then starting the sshd2 deamon.

[Read more...]

Chrooting Apache and PHP

General Information

Chrooting has been around for a long time now. Chrooting makes a program believe that the root of the file system is higher up in the hierarchy. For example, if I wanted to create a chroot in /chroot/httpd, a program executed from within the chroot would believe that “/chroot/httpd” was actually “/”. There in lies the beauty as the program can’t reach any files outside “/chroot/httpd”. Security of the server as a whole is increased due to the fact that the system binaries are off limits. In addition, chroots usually only have the bare minimum files inside, so exploits have a harder time breaking in.

[Read more...]