Administrator's Guide

4.6.11 chroot Directory Jail
chroot is a directory jail. It starts an application in a specified directory and restricts
users to that directory and the directories below it. Users cannot change to any
directory above the specified directory. It is intended to restrict file and
directory access for users of that application while they are using it.
You must enable chroot for an application. You must create new directories and copy
the relevant set of files into those newly created directories.
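
The step of creating directories and copying the relevant files into them, sketched as an added example; this is not HP's ssh_chroot_setup.sh and not code from this guide. It assumes ldd is available and prints absolute library paths, and the function names and the /var/jail path are hypothetical.

```shell
#!/bin/sh
# Added illustration: populate a chroot directory with a program and the
# shared libraries it needs. Function names are hypothetical.

# Print the absolute paths of the shared libraries a program loads.
# Assumes ldd exists and prints absolute paths; run it only on trusted
# system binaries. A static binary or a missing ldd yields no output.
list_libs() {
    ldd "$1" 2>/dev/null |
        awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^\//) print $i }'
}

# Copy one file to the same absolute path, re-rooted under the jail.
copy_into_jail() {
    dest="$1$2"
    mkdir -p "$(dirname "$dest")" && cp -p "$2" "$dest"
}

# build_jail JAIL PROGRAM...: create JAIL and copy each program plus its
# libraries into it. Stops at the first error.
build_jail() {
    jail=$1; shift
    mkdir -p "$jail" || return 1
    for prog in "$@"; do
        [ -x "$prog" ] || { echo "not executable: $prog" >&2; return 1; }
        copy_into_jail "$jail" "$prog" || return 1
        for lib in $(list_libs "$prog"); do
            copy_into_jail "$jail" "$lib" || return 1
        done
    done
}

# check_jail JAIL PROGRAM: succeed only if the program and every library
# it needs are present inside the jail.
check_jail() {
    [ -x "$1$2" ] || return 1
    for lib in $(list_libs "$2"); do
        [ -e "$1$lib" ] || { echo "missing in jail: $lib" >&2; return 1; }
    done
}

# Stand-alone use: sh build_jail.sh /var/jail /usr/bin/ls  (example paths)
if [ "$#" -ge 2 ]; then
    build_jail "$@" && check_jail "$1" "$2"
fi
```

The resulting tree is the directory that chroot(1M) is then pointed at. Device files, configuration files, and anything else the application opens at run time are not found by ldd and still have to be copied in separately.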
You can optionally set up ssh, scp, and sftp with a chroot directory.
The HP-UX Secure Shell README file in /opt/ssh/README.hp explains the chroot
feature, the chroot setup script, and the specific files that this script copies to enable
ssh, sftp, and scp for a chroot environment. Refer also to chroot(1M).
The chroot setup script is in the /opt/ssh/utils/ssh_chroot_setup.sh file,
which is part of the HP-UX Secure Shell software product (Secure Shell 4.30.004/005).