Date: Wed, 2 Dec 2015 21:52:59 -0800 From: Aleksandr Miroslav <alexmiroslav@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: best practice for locking down private jail? Message-ID: <CACcSE1yqeXqd=mLJ-=aJGr0hXcUEE0v3MeiAty6e4cgpWF7D8g@mail.gmail.com> In-Reply-To: <CACcSE1yQO8AjW9rpY%2Bd2p1-ArPbO4qKV0zcaCMyRhYEWLOpQGA@mail.gmail.com> References: <CACcSE1yQO8AjW9rpY%2Bd2p1-ArPbO4qKV0zcaCMyRhYEWLOpQGA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Dec 2, 2015 at 9:44 PM, Aleksandr Miroslav <alexmiroslav@gmail.com> wrote: > - from the example.org machine, outside the jail, i setup httpd to > serve files only from > /usr/jails/privatejail/usr/home/joeblow/audiofiles [...] > can I tell Apache to only serve up mp3 files of name > lecture-num.mp3 or something like that? Thinking about this some more. I think instead of having apache point to the jail directly, I setup a cron job on the host that calls a script that runs every 5 minutes or so, and copies only mp3 files of some pattern-matched name to the host system, and then only that is served up by apache. That would work better I think. It would have to be a cron job on the host, I don't think I can have a script from inside the private jail call something directly on the host.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CACcSE1yqeXqd=mLJ-=aJGr0hXcUEE0v3MeiAty6e4cgpWF7D8g>