Process containment has long been used in computing to test beta software and to increase the security of a process. Containing a process, commonly known as “jailing” it, separates the process from the full system and stops activity inside the container from affecting anything outside it. Several jailing tools are available, but this paper discusses two that are available as part of all major Linux distributions: chroot and User-mode Linux. It explores some of the general ideas behind how process containment is performed with chroot and User-mode Linux, and how to help ensure that a successful attack on a jailed process does not affect the main system.


