[Samba] Domain controller in a chroot
Sven Schwedas
sven.schwedas at tao.at
Tue Mar 17 03:01:39 MDT 2015
On 2015-03-17 09:27, Sébastien Le Ray wrote:
> Hi list,
>
> Since it is considered “harmful” to run a domain controller that acts a
> fileserver I was considering the option of putting the AD DC into a
> chroot. Is there any special configuration to perform (except bind
> interfaces) to avoid conflicts ? (is there any broadcasting issues or so?)
chroot is not a security feature and trivial to break out of, as the AD
DC dæmon runs as root.
> Regards
> --
> Sébastien Le Ray
--
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas
Systemadministrator
TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
Mail/XMPP: sven.schwedas at tao.at | +43 (0)680 301 7167
http://software.tao.at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 648 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20150317/1144d49a/attachment.pgp>
More information about the samba
mailing list