Re: These 'roots' are bugging me.

To: Gergely Trifonov <gergely.trifonov@indweb.hu>, Dave Kline <dave@iitedge.com>
Cc: debian-security@lists.debian.org
Subject: Re: These 'roots' are bugging me.
From: Stefan Srdic <linuxbox@telusplanet.net>
Date: Wed, 30 Jan 2002 05:31:28 -0700
Message-id: <[🔎] 02013005312800.00736@NodeFilter>
References: <[🔎] 20020123233814.A7815@linux.wku.edu> <[🔎] 3C581BE7.7060709@iitedge.com>

On Wednesday 31 December 1969 17:00, Gergely Trifonov wrote:

>
> dave,
> running BIND as a non-privileged user is a good idea, but putting it
> into a chroot jail _and
> _ running as a non-root user is much safer.
> i've recently created a chroot'd BIND and use it on a production server;
> it's not that difficult. if you want to do this, the chroot-BIND8 howto
> is your friend: http://www.linuxdoc.org/HOWTO/Chroot-BIND8-HOWTO.html
>
> this document is really good, but some additional work needs to be done
> to get the thing work on debian.
>

Remember to statically compile BIND if your going to place it in a chroot 
jail, there's another document on securing BIND at

http://www.psionic.com/papers/dns/dns-linux

Have fun.

Stef

Reply to:

Follow-Ups:
- Re: These 'roots' are bugging me.
  - From: Christoph Moench-Tegeder <ry04@rz.uni-karlsruhe.de>

References:
- /bin/passwd as shell
  - From: Rob VanFleet <rvf@linux.wku.edu>
- These 'roots' are bugging me.
  - From: Dave Kline <dave@iitedge.com>

Prev by Date: Re: OFFTOPIC: Linux in the Bundestag(german parliament) - Petition
Next by Date: Re: These 'roots' are bugging me.
Previous by thread: Re: These 'roots' are bugging me.
Next by thread: Re: These 'roots' are bugging me.
Index(es):
- Date
- Thread