chroot issues

Carter Bullard carter at qosient.com
Mon Sep 25 23:15:11 EDT 2006


Hey Russell,
I referring to the input files,  when argus reads its input from a  
pcap formatted file.
My assumption is that you won't chroot if you're reading a packet  
dump, but you
never know what people will do ;o)

Can these packet input files be outside the chroot'd directory?
I'll open the output files after the chroot and change in uid and gid.

Carter


On Sep 25, 2006, at 11:09 PM, Russell Fulton wrote:

>
>> Is this reasonable, or do we need to force the input files to be  
>> in the
>> chroot'd
>> directory?
>>
>
> I had assumed that they would be under the chroot dir since if they  
> are
> not then how do you rollover the files.  Currnently one just mv the  
> file
> that argus is writing to and when argus next tries to write to the  
> file
> it notices and closes and reopens the file.  If the file is out  
> side the
> chroot then argus will be unable to open it again.
>
> Or am I missing something?
>
> Russell
>




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20060925/9c90c4cc/attachment.html>


More information about the argus mailing list