[tor-talk] Securing a Relay - chroot
CACook at quantum-sci.com
CACook at quantum-sci.com
Wed May 25 19:30:58 UTC 2011
I am seeing evidence that a chroot jail is not secure, even in Linux, due to breakouts such as someone running os.fork() from python and spawning processes to do bad stuff.
For torrents I run Debian in a VirtualBox virtual machine which is bridged directly to The Internets, with the VM user and user inside being very non-prived. My best information is that this is quite secure.
Has anyone done any research on best practices for securing a daemon?
More information about the tor-talk
mailing list