[Moin-user] chroot in moinmoin?

Oliver Schulze L. oliver at samera.com.py
Wed May 17 07:49:01 EDT 2006

Thomas Waldmann wrote:
>> it is possible to have a "chroot" in a moin moin installation?
> Not within moin, but maybe you can do that for the web server calling 
> moin or run the Twisted or Standalone server in a chroot.
>> Something like the open_basedir() option in php?
> moin doesn't execute user code (you have to manually install plugins 
> or be superuser to install packages).
> Even if moin crashes, it never does "buffer overflows" like software 
> written in C/C++, but just gives you a nice python backtrace on screen.
> The only critical thing is the python interpreter itself (as it is 
> written in C), but security issues are very rare for it.
Hi Thomas,
thanks for answering.

My main concern is that if moinmoin have a security issue in the future, 
I don't want
 people to use it for accessing files outside the /wiki (installation) 
They can hack my moinmoin installation, but only inside the installation 
I will have backups of the wiki data for restoring later.
Thats why I talked about the open_basedir(). That funcion in php limit
all .php scripts to open files only inside the directory you specify.

I use the open_basedir() in php and it probed useful when phpbb got hacked.
I know moin moin is way better programmed than phpbb, but I wanted to have
that double security.


Oliver Schulze L.
<oliver at samera.com.py>

More information about the Moin-user mailing list