Re: bind running as root in Mandrake 7.0

To: debian-security@lists.debian.org
Subject: Re: bind running as root in Mandrake 7.0
From: Carlos Carvalho <carlos@fisica.ufpr.br>
Date: Mon, 5 Jun 2000 08:32:04 -0300 (BRT)
Message-id: <[🔎] 14651.36788.958808.897039@hoggar.fisica.ufpr.br>
In-reply-to: <[🔎] 20000605070845.Z14169@justice.loyola.edu>
References: <Pine.LNX.4.21.0006031555490.8877-100000@linuxserver.it-xchange.com> <20000604173901.A30077@halfpricehosting.com> <[🔎] E12ytAy-0000VM-00@greebo> <[🔎] 20000605070845.Z14169@justice.loyola.edu>

Michael Stone (mstone@debian.org) wrote on 5 June 2000 07:08:
 >On Mon, Jun 05, 2000 at 10:28:04AM +0100, Anton Ivanov wrote:
 >> There was a long standing discussion on this which basically boils down to the 
 >> fact that if you obtain your address dynamically or have dynamic interfaces 
 >> (some form of PPP or anything on PCMCIA) you have to run it as root in order 
 >> for bind to use these interfaces.
 >> 
 >> bind does not bind 0.0.0.0:53. It for one or another reason binds every 
 >> interface separately. Hence if an interface is not available at bind start 
 >> time and bind does not run as root the interfaces are not rebound.
 >
 >And I still think this is a stupid reason for us to be allowing a
 >security problem to sit around--how many people run dns servers on
 >machines with dynamic addresses?

Agreed!!!

If the czars don't agree with this, the possibility should at least be
easier to implement by setting a config option in the /etc/init.d/bind
script.

Reply to:

References:
- Re: bind running as root in Mandrake 7.0
  - From: Anton Ivanov <aivanov@eu.level3.net>
- Re: bind running as root in Mandrake 7.0
  - From: Michael Stone <mstone@debian.org>

Prev by Date: Re: bind running as root in Mandrake 7.0
Next by Date: Re: bind running as root in Mandrake 7.0
Previous by thread: Re: bind running as root in Mandrake 7.0
Next by thread: Re: bind running as root in Mandrake 7.0
Index(es):
- Date
- Thread