The Unix Operating System provides this funky system call called 'chroot' whereby root can change the root (or '/') directory to be any other directory on a mounted filesystem.

I use it myself when I have to boot from an install floppy of Linux, from then on working on the hard drive as if I had booted from it.

A chroot jail consists in executing a process after having executed chroot. It therefore does'nt see the rest of the filesystem. It helps secure otherwise faulty daemons such as sendmail or bind with such a bad security track record that you'd better watch your butt as much as possible. Be warned, though, that root can always exit from a chroot jail. All it takes is chroot ../../../../... This is reported as a security defect on linux-kernel every other month. According to Alan Cox, this is the correct behaviour, and would be impossible to fix anyway. The solution is to avoid running processes as root under a chroot, POSIX capabilities make it possible. It's also a good idea to mount the filesystem on which the chroot jail reside with option nosuid.

wu-ftpd, the most widely used FTP daemon, usually runs in a chroot jail for anonymous access.

Note that you usually need to provide a significant subset of the usual system directories in the chroot jail (such as /lib, /etc, /bin ...)

One annoying thing about chroot is that you can't have two directory trees chrooted. This means that if you run an anonymous ftp server, you can only have one directory tree offered inside it. Therefore, if you want to offer two filesystems on an anonymous FTP server, you have to do stupid tricks like loopback NFS mounts, or physically mount the filesystem in the chrooted anonymous ftp server tree.

Log in or register to write something here or to contact authors.