
Re: chroot bind?



Nicholas Lee wrote:
> 
> Please CC: not subscribe.
> 
> I'm interested in doing some work to provide a bind-chroot package.
> (It's in fact pretty simple to copy the OpenBSD setup.)
> 
> The basic thing I'm not sure about is how something like this would fit
> into the Debian policy.
> 
> i.e. dev files like /var/named/dev/log and /var/named/dev/null.
> 
> Config files in /var/named/

Do it under /var/named; this follows other OSes' conventions.  Another
reason is that if someone does run an exploit against bind, the partition they
are on won't be the root partition if the admin has separated out file
systems.  /etc is almost always on the root partition.  /var is often
separated out onto its own partition.

A neat way I've seen chroot programs done is to leave the executables and
config files where they are normally, then  
-- 
|  Bryan Andersen   |   bryan@visi.com   |   http://www.nerdvest.com   |
| Buzzwords are like annoying little flies that deserve to be swatted. |
|   -Bryan Andersen                                                    |


