vsftpd-2.1.0 and ptrace() sandboxing
Scary Beasts Security
FEBRUARY 20, 2009
The new sandboxing support mentioned in the vsftpd-2.1.0 announcement post is actually a ptrace() based sandbox. It is experimental and therefore off by default. It only currently supports i386 Linux (but there's no reason you couldn't hack the Makefile to build 32-bit on 64-bit Linux). When enabled, it only engages when using one_process_model , i.e. simple anonymous-only configurations.
Let's personalize your content