Matthias Bethke wrote: > Hi Vaeth, [...] > > > > Also a chroot jail is not a security feature: There are several > > ways known how to break out. > > [...] But there's only one reason I can see why you'd use a > chroot environment *except* for security and that's to have more than > one set of system binaries active at the same time for different > applications.
Or simply several systems (e.g. amd64 and x86, or gentoo and debian, or your boot disk and your newly installed system [the install handbook makes massive use of chroot]). This is exactly what chroot was made for. > I'd say the vast majority of chroot jails are there for nothing > else but security. Alan Cox: "chroot is not and never has been a security tool", see e.g. http://kerneltrap.org/Linux/Abusing_chroot
