Private Prison
Virtualization is fine and all, but sometimes it can be overkill if all you want to do is run a program that you think could pose a threat to your system. chroot jails offer a light, fast, and well-tested alternative.
Creating secure environments with chroot
|
© Martin Hartinik - 123RF.com
Some of the riskiest things you can do to your system are run software pulled off the Internet from an unfamiliar site or run applications that have not been tested and that might contain fatal bugs. In either case, it is never advisable to risk your data and hardware by running dubious apps directly on the system you use for your daily work and play.
However, you don't have to give up trying out new software. It could even be a job requirement if you work in IT developing potentially dangerous code – and, let's face it, all experimental code is potentially dangerous. In Linux, you can create a closed and controlled environment to do these things, and that's what chroot is all about.
Personal Space
Using chroot is in some ways similar to virtualizing a system but is much more limited in scope. Instead of recreating an entire computer system, chroot allows you to create a guest shell and an (initially) empty filesystem on a directory of your choice within your own directory tree.
[...]
Use Express-Checkout link below to read the full article (PDF).
Buy this article as PDF
Express-Checkout as PDF
Pages: 2
Price $0.99
(incl. VAT)
(incl. VAT)
Buy Ubuntu User
TABLET & SMARTPHONE APPS
US / Canada
UK / Australia
Related content
-
Container Management with Docker
Docker is an economical alternative to conventional virtualization. Because each Docker containers share the underlying operating system, it enjoys the resource isolation and allocation benefits of VMs but is much more portable and efficient.
-
LXC containers in practical use on the desktop
LXC containers are not just for developers. Adventurous users can also find uses for them.
-
Use multiple distributions at the same time with Bedrock Linux
Bedrock transparently combines virtually any number of distributions with different architectures, package management, and init systems under a filesystem.
-
Encrypted ZFS with Ubuntu
ZFS is one of the most advanced filesystems, and now it can be used natively on Linux. One drawback is that native ZFS encryption is not available, but this article shows how use Linux's disk encryption to install Ubuntu onto an encrypted disk with ZFS.
-
Simplify the safeguarding of programs with Firetools
The Firetools graphical user interface simplifies the use of the security software Firejail and also supplies useful statistics and overviews.