لطفا منتظر باشید ...
Summary
Running a server within a chroot jail
can be a useful security precaution for many server types, and especially for
those that don't need access to most files on the computer. Setting up the
server requires creating a partial duplicate of the regular Linux directory
tree, possibly including the server's executable file itself. You must then
either activate a server-specific configuration option to have it lock itself
into the chroot jail, or run the server with the chroot command. In either
case, the server then operates from within the chroot jail as if the
directory you set up were the root directory of the computer, thus limiting the
potential for damage the server can do if it's compromised. Doing all of this
requires some digging into a server's normal requirements for support files and
programs, copying files, and modifying startup procedures so that the server
runs in its chroot jail whenever appropriate. You must also be sure to maintain the chroot environment
so that it continues to operate as you intend.
