This shows you the differences between two versions of the page.

Link to this comparison view

litespeed_wiki:config:chroot [2015/07/29 16:00] (current)
Michael Alegre created
Line 1: Line 1:
 +====== LiteSpeed in chroot jail ======
 +===== What is chroot =====
 +"​chroot"​ is a feature on Unix like system which can change the root directory of a process. A changed root process and its children process cannot access any file beyond the new root directory. It is like putting a process in a jail with physical file access boundries and the reason why this mechanism is often referred to as "​chroot jail".
 +===== Why chroot a web server =====
 +"​chroot"​ is a great way to enhance the security of any web facing server. It is not possible to guarantee that a system will never be compromized by a hacker due to vulnerable software or CGI scripts. However, by running the server inside a chroot jail, potential damage can be minimized.
 +===== How to setup chroot environment =====
 +Setting up a correct "​chroot"​ environment is not an easy task: one needs to provide a minimum set of directories,​ device nodes and shared libraries that application needs in order to function properly. ​
 +For a web server, the difficult part is building the proper chroot environment:​ finding out what shared libraries are required by CGI applications.
 +LiteSpeed server has built-in chroot support which can automatically build a working chroot environment with PHP support at installation time, and provide a general tool to help you identify missing files required by a CGI application. The chroot feature is only available with LiteSpeed Enterprise Edition. ​
  • Admin
  • Last modified: 2015/07/29 16:00
  • by Michael Alegre