The software described in this documentation is either in Extended Support or Sustaining Support. See https://www.oracle.com/us/support/library/enterprise-linux-support-policies-069172.pdf for more information.
Oracle recommends that you upgrade the software described by this documentation as soon as possible.
If the DNS name service daemon (named
) runs
in a chroot jail, any hacker that enters your system via a BIND
exploit is isolated to the files under the chroot jail
directory. Installing the bind-chroot
package
creates the /var/named/chroot
directory,
which becomes the chroot jail for all BIND files.
You can configure the vsftpd
FTP server to
automatically start chroot jails for clients. By default,
anonymous users are placed in a chroot jail. However, local
users that access an vsftpd
FTP server are
placed in their home directory. Specify the
chroot_local_user=YES
option in the
/etc/vsftpd/vsftpd.conf
file to place local
users in a chroot jail based on their home directory.