named as non-root?
On my router/firewall (2 NICs with ipmasq in between; slink/2.0.36), I run
named as root. I'm looking for an easy way not to.
Since the Debian system already runs Apache as www-data, I'm wondering if
adding "-u www-data -g www-data" to named's start up file would be an easy
way to run it non-root.
Would that be enough? And would it be more secure? Starting from Debian's
bug reports, I eventually found
http://www.psionic.com/papers/dns/dns-linux/ -- but its approach seems more
complicated.
Thanks for any help!
Tod
abl.com
Reply to: