Re: To the bind maintainer

To: debian-devel@lists.debian.org
Cc: debian-devel@lists.debian.org
Subject: Re: To the bind maintainer
From: md@linux.it (Marco d'Itri)
Date: Sat, 22 Jan 2000 21:57:28 +0100
Message-id: <[🔎] 20000122215728.E30104@wonderland.linux.it>
In-reply-to: <[🔎] 20000122033239.BD1A31B9D0@chunks.gag.com>; from bdale@gag.com on Fri, Jan 21, 2000 at 08:32:39PM -0700
References: <[🔎] 20000122033239.BD1A31B9D0@chunks.gag.com>

On Jan 22, Bdale Garbee <bdale@gag.com> wrote:

 >Let me also point out in closing that running non-root is only one way to 
 >increase the theoretical security of the bind package.  The daemon also 
 >provides explicit support for running chroot'ed.  There are pros and cons to
If the program has UID 0 and full capabilities then an exploit can
trivially escape out of the chroot jail.

-- 
ciao,
Marco

Reply to:

References:
- Re: To the bind maintainer
  - From: Bdale Garbee <bdale@gag.com>

Prev by Date: Re: INN upgrade
Next by Date: Re: To the bind maintainer
Previous by thread: Re: To the bind maintainer
Next by thread: Re: To the bind maintainer
Index(es):
- Date
- Thread