* Stefan N <stefanbsd...@yahoo.com> [2012-01-01 17:06]: > For example,apache webserver is installed in chroot environment by default.
no, it isn't. it chroots itself. > Are there specific guidelines to check and verify whether the > application should or should not be installed in chroot environment? if you ask that question there is very likely no point in you to "check and verify" wether a certain application should be chrooted. chroot by itself is not a security measure to begin with. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/