Re: These 'roots' are bugging me.
1) visit
http://www.debian.org/doc/manuals/securing-debian-howto/index.en.html
2) see section 5.8 "Securing BIND"
It will explain how to create a named user and group as well as how to
modify /etc/init.d/bind to that bind runs as user named, group named
instead of root.
On Wed, 30 Jan 2002, Dave Kline wrote:
> I have a number of Debian 2.2 systems that have some critical daemons
> running as root. The most concerning offender is BIND8. BIND has been
> tried and convicted, and by judging its turbulent past, I have no choice
> but to demote it from its root status. I don't have dynamic interfaces
> for it to play with so it clearly has no business being root.
>
> I have no experience demoting BIND, but I realize I must. Making a
> chroot'ed environment isn't as large a concern for me as just dropping
> root from the daemon. My question is can I perform this task in a
> 'Debian' way? By that I mean can I follow a HOWTO aimed at Debian, so
> Apt wont trample of my work during the next BIND update? Does anyone
> have a methodology for BIND8 on Debian 2.2?
>
> Thanks much.
> -A. Dave
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Todays root password is brought to you by /dev/random
.-------------------------------------.
| Steve Mickeler * Network Operations |
+-------------------------------------+
| Neptune Internet Services |
`-------------------------------------'
1024D/ACB58D4F = 0227 164B D680 9E13 9168 AE28 843F 57D7 ACB5 8D4F
Reply to: