Date: Thu, 3 Dec 2015 07:39:23 +0000
From: Steve O'Hara-Smith <steve@sohara.org>
To: freebsd-questions@freebsd.org
Subject: Re: best practice for locking down private jail?
Message-ID: <20151203073923.17dae0c41a2b5e29a5b3a3dd@sohara.org>
In-Reply-To: <CACcSE1yQO8AjW9rpY%2Bd2p1-ArPbO4qKV0zcaCMyRhYEWLOpQGA@mail.gmail.com>
References: <CACcSE1yQO8AjW9rpY%2Bd2p1-ArPbO4qKV0zcaCMyRhYEWLOpQGA@mail.gmail.com>
On Wed, 2 Dec 2015 21:44:01 -0800
Aleksandr Miroslav <alexmiroslav@gmail.com> wrote:

> So I'm setting up a server for a friend who wants to upload audio
> files and have them served up via http. i.e. He uploads lecture.mp3 to
> example.org, and wants people to be able to access it via
> http://example.org/audio/lecture.mp3.
>
> He's somewhat tech savvy, but I'm being super paranoid about security,

I'll jump in here. If you are serious about locking this down as tight as possible then don't use Apache, use a minimalist web server that can only serve static files (thttpd can be set up this way - there are others).

I would set up two jails - one as the upload jail, the other as the web server - and use a cron job on the host to move verified mp3 files (not just by name, use file at least) into the directory served by the web server. Both jails stripped down so they pretty much can't do anything else. Finally I'd use pf to lock down the traffic so that nothing gets to the jails that shouldn't.

I'm a firm believer that security starts by removing the capabilities that you don't need - if it's not there it can't be compromised, so ideally run applications in jails, not complete system images.

-- 
Steve O'Hara-Smith <steve@sohara.org>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20151203073923.17dae0c41a2b5e29a5b3a3dd>