On Wed, Nov 24, 2004 at 12:37:17AM +1100, Adrian Portelli wrote:
> Last time I played with the snort chroot stuff (which, I admit was a
> little while ago now) it did not play well once you started introducing
> database support.

I haven't actually tested it yet; I was just reading the docs and comparing the installed files before implementing.
 
> If you have actually been able to get this working then I don't see why
> it couldn't be something that's looked into.

It makes sense that what you say is true. For this to work, the snort daemon probably needs to have its home as /var/mysql. I'm not sure how much an improvement to system security this would be though.

> I'm down as the current maintainer for that package but my time is a bit
> pressed ATM. If your could log a PR that would be a good start, once I
> see it come through I'll grab it.

I'm not sure if this is worth your time - it was just something I wanted to test.