[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Got root?

On Wed, May 02, 2001 at 02:53:29AM +0000, Adam Olsen wrote:

> Since there IS a way to do what he wanted, what would it take to make
> it used by default?  I'm sure everybody running BIND would feel alot
> safer if it never ran as root, and such a practice would probably earn
> Debian as a whole a few points for security.

bind when configured to run non-root (which debian does not do) drops
ALL root privileges irrevokably (sp?).  it only starts as root to bind
to the port and chroot() to the chroot jail.  once those two tasks are
complete it drops all root privileges, permanantly.

Ethan Benson

Attachment: pgpT4WvJCjyfc.pgp
Description: PGP signature

Reply to: