Hi,

I'm setting up a few chrooted shell accounts on my Debian Woody box, for my friends, using SSH's ChRootGroups. Now, I'd have a few questions regarding this.

1) Where can I find info on how to statically compile programs? Like wget, the readme says nothing about this, and I can't find any other info about this either... which actually leads me to question two.

2) Is there any security risk involved in placing libraries inside the chroot (for those programs that can't/won't be statically linked)?

3) I want to offer my users access to a mysql database. Can each chrooted user run a own process of mysql (provided that mysql is compiled inside the chroot, of course)?

TIA.

Nobody else has answered so Ill give it a shot.

Question # 1-

This is posible as you have to build an LFS system this way so I should assume you could do this in a jailed session- Look at some of the LFS docs (ie installation) to see how to compile and run progs in the chrooted enviro.

Question # 2-No this is better and I would do it to keep from having to statically link (this is a SWAG)

Question # 3
I couldnt answer this question intelligently. But I believe that could be tricky as it I guess Mysql binds to the local address/hostname so when you went to connect to myql the main instance of it running is listening on that address.

Ive never done it, just my thoughts on it.

OK, thanks for your input... I'm going to have to experiment a bit.