NaviServer inside Chroot Environment



Running inside Chroot Environment

Chroot

Chrooting NaviServer means running it with a special root directory. Tcl commands such as file, glob or exec then see only files "below" the specified path, which limits access to critical files and devices. This is an important means of limiting the access an attacker of a website might gain.

You don't have to use the command-line chroot command (see its man page); NaviServer comes with built-in chroot capability.

Scripts are available that are intended to simplify and speed up the task of creating a chroot environment.

Benefits

  • Usually strong barrier for attackers
  • Access to the filesystem is limited
  • Hopefully limits the damage of previously unknown, new security holes

Disadvantages

  • The setup of a chroot cage is a cumbersome task: you have to find out every library used, absolute paths might be compiled into the code, and strace will become your friend...
  • Every other application used (e.g. ImageMagick) must be chrooted
  • When using a database, network support must be enabled or the socket placed into the chroot environment (?)
  • Updates and patches for NaviServer or any other chrooted tool become more difficult
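
The "find out every library used" step can be partly automated. The script below is an added example, not one of the scripts mentioned above and not part of NaviServer: it parses ldd output and copies a binary with its shared libraries into the jail under the same paths. The function names and the paths in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: stage a binary plus its link-time shared libraries in a jail.
# Only run ldd on binaries you trust; on some systems it can execute the program.

# Read `ldd` output on stdin, print the absolute path of each resolved library.
ldd_paths() {
    awk '
        $2 == "=>" && $3 ~ /^\// { print $3; next }  # libx.so => /lib/libx.so (0x..)
        $1 ~ /^\//               { print $1 }        # /lib64/ld-linux-x86-64.so.2 (0x..)
    '
}

# Read `ldd` output on stdin, print libraries the loader could not resolve.
ldd_missing() {
    awk '$2 == "=>" && $3 == "not" && $4 == "found" { print $1 }'
}

# Copy one absolute path into the jail under the same path, following symlinks
# so the jail holds a real file under the name the loader asks for.
jail_copy() {
    jail=$1 src=$2
    mkdir -p "$jail$(dirname "$src")" && cp -pL "$src" "$jail$src"
}

# Stage binary $2 and everything ldd reports for it below jail root $1.
# ldd fails on static or non-ELF files, in which case nothing is copied.
jail_add_binary() {
    jail=$1 bin=$2
    out=$(ldd "$bin") || return 1
    missing=$(printf '%s\n' "$out" | ldd_missing)
    if [ -n "$missing" ]; then
        echo "unresolved libraries for $bin: $missing" >&2
        return 1
    fi
    jail_copy "$jail" "$bin" || return 1
    printf '%s\n' "$out" | ldd_paths | while read -r lib; do
        jail_copy "$jail" "$lib" || exit 1
    done
}

# Example call (both paths are assumptions):
#   sh stage.sh /srv/nsjail /usr/local/ns/bin/nsd
if [ "$#" -eq 2 ]; then
    jail_add_binary "$1" "$2"
fi
```

ldd reports only link-time dependencies; modules and files opened at run time still have to be found with strace, as noted in the list above.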

Alternatives

  • Use Novell AppArmor and create a profile for NaviServer