Re: bind running as root in Mandrake 7.0
Michael Stone (mstone@debian.org) wrote on 5 June 2000 07:08:
>On Mon, Jun 05, 2000 at 10:28:04AM +0100, Anton Ivanov wrote:
>> There was a long standing discussion on this which basically boils down to the
>> fact that if you obtain your address dynamically or have dynamic interfaces
>> (some form of PPP or anything on PCMCIA) you have to run it as root in order
>> for bind to use these interfaces.
>>
>> bind does not bind 0.0.0.0:53. It for one or another reason binds every
>> interface separately. Hence if an interface is not available at bind start
>> time and bind does not run as root the interfaces are not rebound.
>
>And I still think this is a stupid reason for us to be allowing a
>security problem to sit around--how many people run dns servers on
>machines with dynamic addresses?
Agreed!!!
If the czars don't agree with this, the possibility should at least be
easier to implement by setting a config option in the /etc/init.d/bind
script.
Reply to: