[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: NMU'ing for wishlist bugs? (aka: intent to NMU bind9)

Andres Salomon <dilinger@mp3revolution.net> wrote:
> It's been over 3 months since I submitted a patch for bind9, to
> implement named running as a non-root user by default (#149059).  I 
> tested the patch, and hoped to get some feedback (_any_ real feedback)
> from the maintainer; I have not gotten any.  So, unless anyone has some
> serious objections, I will NMU bind9.  It is embarrassing that we still,
> to this day, ship a bind9 package that runs as root by default
> (especially given bind's track record, wrt security).

Do not do this unless you can make it attach to new interfaces that
come up.  Otherwise you risk breaking existing setups silently where
there are interfaces that come up after bind is started, e.g., VPNs.
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Reply to: