OT:chroot on a webserver? and hlfs roadmap. Security beginner's question.

R.Welz linuxprodukte at gmx.de
Sat Oct 9 07:43:53 PDT 2004


Thank you very much for your answer. -

Great. This way I will get a spare Celeron 2.44 for building a hlfs 
router/firewall.

Besides, does somebody know the answer to my chroot questions? It would 
save some time if I knew which service works with chroot and which not. 
This way I don't need to test every service with the chroot jail.

Greetings,
Robert




Am 09.10.2004 um 02:45 schrieb ashes at SecondFloor.Utopia.hai:

> On October 8, 2004 02:37 am, R.Welz wrote:
> ....
>> Or would that be a bad Idea to have a web server as router and 
>> firewall
>> for an intranet ? I mean I cannot have a dmz since I don't have enough
>> computers but  there is only a Mac with 1 TB of valuable data like
>> rendered film material and all my e-mail.
>
> Lots of people do that. The only service I can think of having a 
> problem on a
> firewall is ftpd with active transferring. Aside from that the only 
> issue
> would be with having a bottleneck. Under normal conditions it should 
> be okay,
> but if one service gets flooded then all services loose quality. I 
> think it
> should be fine though.
>
>> And last question... Is there some roadmap when it is possible for me
>> to start with hlfs and a 2.6.x kernel? I mean I would accept any alpha
>> or beta release but I don't want to start with the hlfs book and the
>> 2.6 kernel all on my own. I am an experienced software developer but I
>> don't know if I am that good to do all that testing stuff giving me
>> errors over errors on my own. Any suggestion when I should invest my
>> spare time in that project wich a chance to succeed with Kernel 2.6.x 
>> ?
>>
>> Ideas and/or suggestions on the last question would be very cool, 
>> since
>> I really want to start with hlfs (I read the 2004-06-07 book) but I
>> hardly see a chance to succeed with Linux-Kern 2.6).
>
> I've attached the linux-libc-headers-2.6-frandom patch to use with 
> lfs-6.0.
> The rest of the patches should be on 
> linuxfromscratch.org/patches/downloads/
> (for linux, gcc, glibc). The autopie patch is missing for gcc-3.4 so 
> far. I'm
> having some issues with lfs-6.0/lfs-unstable, but I noticed something 
> tonight
> that might change things. The gcc ssp testsuite keeps failing for me, 
> I think
> the glibc patches need to get edited again (gcc side should be okay). 
> So you
> might want to wait a bit. I hope it'll be fixed for this weekend.
> <linux-libc-headers-2.6-frandom-1.patch>--
> http://linuxfromscratch.org/mailman/listinfo/hlfs-dev
> FAQ: http://www.linuxfromscratch.org/faq/
> Unsubscribe: See the above information page




More information about the hlfs-dev mailing list