Re: To the bind maintainer

To: debian-devel@lists.debian.org
Cc: debian-devel@lists.debian.org
Subject: Re: To the bind maintainer
From: md@linux.it (Marco d'Itri)
Date: Sat, 22 Jan 2000 11:40:12 +0100
Message-id: <[🔎] 20000122114012.A861@wonderland.linux.it>
In-reply-to: <[🔎] 87aelzt2iq.fsf@HSE-Montreal-ppp33976.qc.sympatico.ca>; from gsstark@mit.edu on Fri, Jan 21, 2000 at 06:42:53PM -0500
References: <[🔎] 87aelzt2iq.fsf@HSE-Montreal-ppp33976.qc.sympatico.ca>

On Jan 22, Greg Stark <gsstark@mit.edu> wrote:
 
 >If you want to improve security you should implement a kernel interface for
 >non-root users to be able to do what named does. Then propose this again.
The problem can be solved either by using my version of
start-stop-daemon with capabilities support or by modifying BIND to make
is spawn a small suid program which passes back open file descriptors.

BTW, BIND should be chrooted too. It's a pity our package does not
easily allow that.

-- 
ciao,
Marco

Reply to:

References:
- Re: To the bind maintainer
  - From: Greg Stark <gsstark@mit.edu>

Prev by Date: INN upgrade
Next by Date: Re: To the bind maintainer
Previous by thread: Re: To the bind maintainer
Next by thread: Re: To the bind maintainer
Index(es):
- Date
- Thread