Sat Jun 29 12:07:36 EDT 2013

Securing a chroot env?

Main idea is to prevent privilege escalation: once root, it's possible
to escape the chroot.

* Disable all passwords in /etc/shadow
* Remove setuid binaries?  $ find -perm +6000 -type f -ls
* remove software that is not necessary

Hmm... reading a bit it seems that it's quite a lot of work to patch
known vectors, and then still.

Maybe best to switch to something else?