logo
Apache Lounge
Webmasters

 


About

Forum Index Downloads Search Register Log in  RSS Apache Lounge
 



Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Apache Lounge is not sponsored.

Your donations will help to keep this site alive and well, and continuing building binaries.



Can't get chroot jail to work

 
Post new topic   Reply to topic    Apache Forum Index -> Apache third-party Modules



View previous topic :: View next topic  
Author Message
Scorpion



Joined: 22 Dec 2005
Posts: 2
Location: NL

PostPosted: Thu 22 Dec '05 11:08    Post subject: Can't get chroot jail to work Reply with quote

Hi there, I'm running Apache 2.0.55 / PHP 5.1.1 on Windows XP. I wrote a php script that allows me to access any file on my system. And I want to disable this by running apache in a chroot jail. So I downloaded mod_security-1.9.1-2.0.55-w32.zip. But somehow I can't get the SecChrootDir option to work. Here's what I did:

- Create a folder C:\server\www\Apache2\modules\mod_security\
- Copy to that folder: mod_security.so and the files msvcr80.dll and Microsoft.VC80.CRT.manifest.
- Add to your httpd.conf: LoadModule security_module modules/mod_security/mod_security.so
- And then added these lines to the end of httpd.conf:
<IfModule mod_security.so>
SecChrootDir c:/server/www/public_html
</IfModule>

After I restart the server, I am still able to access any file outside the root. Could someone please explain what's wrong?
Back to top
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 2581
Location: Hilversum, NL, EU

PostPosted: Thu 22 Dec '05 12:32    Post subject: Reply with quote

Never tried the Chooting in mod_security.


The docs says "Only the root user can escape the jail", when I understand that, when you run Apache under an Adinistartor account then it does not work.

Maybe you can try to run Apache under a user account.

Afterall I am not sure if it is running with Windows and maybe it is a Linux thingy.

Steffen
Back to top
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 2581
Location: Hilversum, NL, EU

PostPosted: Thu 22 Dec '05 14:28    Post subject: Reply with quote

From the author of mod_security I get the following answer:

Ivan Ristic wrote:


Windows does not support the chroot facility. It's an UNIX-only thing.

Ivan


A pity,

Steffen
Back to top
Scorpion



Joined: 22 Dec 2005
Posts: 2
Location: NL

PostPosted: Thu 22 Dec '05 17:36    Post subject: Reply with quote

Too bad, I thought I finally found an easy way to do this. Thanks anyway.
Back to top


Post new topic   Reply to topic    Apache Forum Index -> Apache third-party Modules
Page 1 of 1