[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: To the bind maintainer

On Jan 22, Jason Gunthorpe <jgg@ualberta.ca> wrote:

 >No it doesn't. You just run it as root and have it make the proper
 >capabilities syscalls before switching to not-root. You need the FS patch
 >if you want to do the above *without* changing bind's source.
This is useful only if you also use chroot.
If cracker gets UID 0 he can just edit /etc/shadow...


Reply to: