Re: [linux-security] Re: Chrooting bind 8.1.2 under debian 2.0

To: Carlos Barros <cbf@redlider.com.uy>
Cc: cfb <cfb@ocn21.kdd-ok.ne.jp>, debian-user@lists.debian.org, linux-security@redhat.com, debian-isp@lists.debian.org
Subject: Re: [linux-security] Re: Chrooting bind 8.1.2 under debian 2.0
From: Leigh Porter <leigh@wisper.net>
Date: Fri, 17 Jul 1998 09:22:50 +0000
Message-id: <[🔎] 35AF17EA.817BA90C@wisper.net>
References: <[🔎] Pine.LNX.3.96.980714115137.26421C-100000@Aldebaran.redlider.com.uy>

Carlos Barros wrote:

> On Tue, 14 Jul 1998, cfb wrote:
>
>   > The main problem seems to be with the way that debian starts bind using
>   > the script /etc/init.d/bind.  I thought it would be really neat to just
>   > change the #!/bin/sh at the top of the script to something like :
>   >    #!/usr/sbin/chroot /chroot-dns/ /bin/sh
>   > or
>   >    #!/usr/sbin/chroot /chroot-dns/ /chroot-dns/bin/sh
>
> try changing only the line that start the bind daemon eg:
>
> chroot /chroot-dns/ /bin/named

Splendid idea - but it still runs as root..

I guess that bind does not need anything except it's external programs
(named-xfer etc) and the config files?

--
Leigh



--  
Unsubscribe?  mail -s unsubscribe debian-user-request@lists.debian.org < /dev/null

Reply to:

References:
- Re: Chrooting bind 8.1.2 under debian 2.0
  - From: Carlos Barros <cbf@redlider.com.uy>

Prev by Date: Re: X fonts
Next by Date: setting dynamic rxvt titles with Xresoures/Xdefaults
Previous by thread: Re: [linux-security] Re: Chrooting bind 8.1.2 under debian 2.0
Next by thread: make-kpkg: ld bombs on misc.o
Index(es):
- Date
- Thread