begin Andres Salomon quote on Tue, Sep 10, 2002 at 03:14:48PM -0400: > serious objections, I will NMU bind9. It is embarrassing that we still, > to this day, ship a bind9 package that runs as root by default > (especially given bind's track record, wrt security). As long as you're running it as non-root, do you make it chroot() also? It's very easy to put bind9 in a chroot() jail, and can (and should) be done by the package, with no change to configuration file locations, and minimal changes elsewhere (you need to tell syslog to put log socket in $bindchroot/etc/log, which admittedly sucks, but is not hard). bind8 could also run as non-root, but the maintainer's viewpoint was that it would confuse people who had interfaces that were transient. User-friendyness wins over security yet again. M
Attachment:
pgp1lS7vTe6B0.pgp
Description: PGP signature