On Mon, Jun 05, 2000 at 10:28:04AM +0100, Anton Ivanov wrote: > There was a long standing discussion on this which basically boils down to the > fact that if you obtain your address dynamically or have dynamic interfaces > (some form of PPP or anything on PCMCIA) you have to run it as root in order > for bind to use these interfaces. > > bind does not bind 0.0.0.0:53. It for one or another reason binds every > interface separately. Hence if an interface is not available at bind start > time and bind does not run as root the interfaces are not rebound. And I still think this is a stupid reason for us to be allowing a security problem to sit around--how many people run dns servers on machines with dynamic addresses? -- Mike Stone
Attachment:
pgpuHFDBogux1.pgp
Description: PGP signature