What chroot() is really for
Posted Oct 4, 2007 15:09 UTC (Thu) by ebiederm
In reply to: What chroot() is really for
Parent article: What chroot() is really for
Look at the mount namespace in the kernel.
That can give the same effect as chroot but without being able to escape.
For even more strength one of the linux security modules like AppArmor or
Selinux can help.
For more support making an application look like it has the box to itself
the ongoing work on namespaces can help. Ultimately though while the
namespaces can help improve security just like chroot that isn't their
to post comments)