named as non-root?

To: "Firewallers" <debian-firewall@lists.debian.org>
Subject: named as non-root?
From: "Paul Tod Rieger" <prie@abl.com>
Date: Thu, 22 Jun 2000 11:19:13 -0400
Message-id: <[🔎] 000101bfdc5d$3954ef00$0404a8c0@electra.abl.com>

On my router/firewall (2 NICs with ipmasq in between; slink/2.0.36), I run
named as root.  I'm looking for an easy way not to.

Since the Debian system already runs Apache as www-data, I'm wondering if
adding "-u www-data  -g www-data" to named's start up file would be an easy
way to run it non-root.

Would that be enough?  And would it be more secure?  Starting from Debian's
bug reports, I eventually found
http://www.psionic.com/papers/dns/dns-linux/ -- but its approach seems more
complicated.

Thanks for any help!

Tod
abl.com

Reply to:

Follow-Ups:
- Re: named as non-root?
  - From: Guido Bozzetto <GB@Nauta.it>
- Re: named as non-root?
  - From: Jim Breton <vader@conflict.net>
- Re: named as non-root?
  - From: Michael Wood <wood@kingsley.co.za>

Prev by Date: Re: minimal mail config for firewall?
Next by Date: Re: named as non-root?
Previous by thread: RE: minimal mail config for firewall?
Next by thread: Re: named as non-root?
Index(es):
- Date
- Thread