On Tue, 25 Jan 2005 09:40:00 PST, Casey Schaufler said: > What are the implications regarding a chroot > environment? I can imagine (although it strikes > me as somewhat insane) an admin wanting to audit > everything that goes on in a chroot environment, > say for a honeypot. The watching would have to > be enabled from outside. Not a bad thing, but is > it what you want? Well, from where I'm sitting, *if* you buy into the idea of a honeypot as being sane, you *definitely* want to be able to enable auditing from "outside".
Description: PGP signature