[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: named as non-root?


On Thu, Jun 22, 2000 at 11:19:13AM -0400, Paul Tod Rieger wrote:
> On my router/firewall (2 NICs with ipmasq in between;
> slink/2.0.36), I run named as root.  I'm looking for an easy
> way not to.
> Since the Debian system already runs Apache as www-data, I'm
> wondering if adding "-u www-data  -g www-data" to named's
> start up file would be an easy way to run it non-root.

You should rather create a user/group specifically for named.
e.g. add a user called bind and a group called bind (or named or

If you look at the end of Step Four of the URL you mention
below, you will notice they also tell you not to use an existing
user/group.  If you have both apache and bind running with the
same user/group, then if someone gains access to that UID
through a bug in one, they usually automatically have some level
of control over the other.

> Would that be enough?  And would it be more secure?  Starting

It would be more secure, but whether or not it's "enough" is

> from Debian's bug reports, I eventually found
> http://www.psionic.com/papers/dns/dns-linux/ -- but its
> approach seems more complicated.

This article does what you are trying to do above by running
bind as non-root, and in addition to that, puts it in a chroot
jail so that if someone does managed to get a shell on the
machine via a bind bug, they will be in the jail and they will
not automatically have access to the rest of the filesystem.

Michael Wood        | Tel: +27 21 762 0276 | http://www.kingsley.co.za/
wood@kingsley.co.za | Fax: +27 21 761 9930 | Kingsley Technologies

Reply to: