Bug #1792

virtual hosts and chroot security flaw

Added by Anonymous over 11 years ago. Updated over 11 years ago.


I use lighttpd in a chroot jail for security reasons.
Until today I had only one server running in the /srv/httpd jail directory;
this server runs a CGI C++ program to create content.

Today I had to set up 2 virtual hosts, let's say and
so what I wanted to do is to set a server.chroot option in each virtual host section... this totally broke the server, which ended up chrooted in the last server.chroot option (i.e. the last vhost).

Right now I fixed this by using a server.chroot=/srv/httpd and different document roots...

However, since I use a CGI program, this program can access other virtual hosts' documents.... which I don't want...

I would like to be able to specify a chroot for each virtual host, how can I do that?


-- jeanluc.malet


Updated by stbuehler over 11 years ago

  • Status changed from New to Fixed
  • Resolution set to invalid
  1. this is a bug tracker, not a support forum
  2. one process can only have one chroot

Updated by hoffie over 11 years ago

--- too slow ---

You cannot do that. Lighttpd is a single-process web server, and a process only has one root (i.e. calling chroot() will affect the whole process). This is nothing which lighttpd can influence, it's a design "limitation" (or rather decision) in unix-like systems.

If you really need privilege separation on the web server level, use multiple lighttpd instances. If you need it on the dynamic (i.e. *CGI) level only, you can use techniques like switchboard or hack up a custom spawn-fcgi-based script.

All in all, this is not a lighttpd issue.
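
The multiple-instance approach suggested in the comment above, sketched as an added example that is not part of the original thread or taken from lighttpd's documentation: one configuration file per virtual host, each run as its own lighttpd process with its own chroot. The file paths, jail directories, account names and 192.0.2.x addresses are assumed placeholders.

```conf
# ---- /etc/lighttpd/site-a.conf (hypothetical path) ----
server.modules       = ( "mod_cgi" )

# One chroot per process: this instance only ever sees /srv/httpd/site-a.
server.chroot        = "/srv/httpd/site-a"
# Interpreted inside the jail, i.e. /srv/httpd/site-a/htdocs on the host.
server.document-root = "/htdocs"

# A separate unprivileged account per instance (assumed names), so the
# two sites are also separated by file ownership, not only by the jail.
server.username      = "www-site-a"
server.groupname     = "www-site-a"

# Two processes cannot share one address:port pair, so each instance
# binds its own address (placeholder documentation addresses).
server.bind          = "192.0.2.10"
server.port          = 80

# CGI children are forked by this process and inherit its root directory
# and user, so the CGI program cannot reach site-b's files.
cgi.assign           = ( ".cgi" => "" )


# ---- /etc/lighttpd/site-b.conf (hypothetical path) ----
server.modules       = ( "mod_cgi" )

server.chroot        = "/srv/httpd/site-b"
server.document-root = "/htdocs"

server.username      = "www-site-b"
server.groupname     = "www-site-b"

server.bind          = "192.0.2.11"
server.port          = 80

cgi.assign           = ( ".cgi" => "" )
```

Each instance is started separately as root (for example `lighttpd -f /etc/lighttpd/site-a.conf`) so that it can chroot and bind port 80 before dropping to its `server.username`. The CGI binary and the shared libraries it needs must be present inside each jail.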


Updated by stbuehler over 11 years ago

  • Status changed from Fixed to Invalid
