best practice for locking down private jail?

Steve O'Hara-Smith steve at sohara.org
Thu Dec 3 07:55:19 UTC 2015


On Wed, 2 Dec 2015 21:44:01 -0800
Aleksandr Miroslav <alexmiroslav at gmail.com> wrote:

> So I'm setting up a server for a friend who wants to upload audio
> files and have them served up via http. i.e. He uploads lecture.mp3 to
> example.org, and wants people to be able to access it via
> http://example.org/audio/lecture.mp3.
> 
> He's somewhat tech savvy, but I'm being super paranoid about security,

	I'll jump in here. If you are serious about locking this down as
tight as possible then don't use Apache, use a minimalist web server that
can only serve static files (thttpd can be set up this way - there are
others). I would set up two jails - one as the upload jail the other the
web server and use a cron job on the host to move verified mp3 files (not
just by name use file at least) into the directory served by the web
server. Both jails stripped down so they pretty much can't do anything else.
Finally I'd use pf to lock down the traffic so that nothing gets to the
jails that shouldn't. I'm a firm believer that security starts by removing
the capabilities that you don't need - if it's not there it can't be
compromised, so ideally run applications in jails not complete system
images.

-- 
Steve O'Hara-Smith <steve at sohara.org>


