Forum OpenACS Q&A: Response to Bugtraq: Oracle security

Posted by Jon Griffin on
I think chroot is overkill for most situations.

Again, if you understand security your box will be hardened. If you don't, chroot won't do anything, as I can break your chroot in about 1 minute if I want to.

Of bigger security interest is the fact that AOLServer broke recently and now does not honor the -g flag. This implies that you have to run your web services with world read permissions. A big no-no. Why the hell does the world need to read any of your stuff?