



chroot Jail


Classification Key: Core Security, Tampering

Problem

Compartmentalization is a high-level pattern that suggests breaking up a task into smaller processes. It does not eliminate the problem of a compromise in one process affecting other processes, because processes communicate. Distributing responsibility among processes reduces this vulnerability. However, processes that share resources are still not secure from attack. How can we design a system so that a compromise in one process does not affect another?

Solution

Run the processes under separate least-privilege user IDs. The programs/processes should also run in a controlled environment with limited access to system files. This limits what an attacker can do after exploiting one process. In UNIX, this is achieved by running the processes in a chroot jail.

Known Uses

Almost all Postfix processes run inside a chroot jail.

Related Patterns

Server Sandbox

Source

Hafiz et al.

Tags

Sandboxing, chroot


 

Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz