OK, I think a few weeks ago we had agreed that the front-end proxy should be chrooted away from the back-end mod_perl server (each in its own chroot jail). So we are working on getting a sample setup (for our own site). However, the resources that were posted strongly warn against doing any hard linking of resources (eg shared libraries and binaries) between and outside the chroot jails. The authors do not state why though. My thought is that /lib is going to all be owned by root and not writable. The only way to alter these files is to get root access within the chroot jail. And if you have root access within the chroot jail then you can escape chroot anyway. So is there really a vulnerability? I am concerned because I wonder if all the shared libraries that are copied to /lib in the chroot jail will cause me to have double the RAM taken up by duplicates of various shared libraries (for those running in the HTTP front-end server chroot jail and those running in the mod_perl backend chroot jail). Thanks, Gunther __________________________________________________ Gunther Birznieks ([EMAIL PROTECTED]) eXtropia - The Web Technology Company http://www.extropia.com/