Re: BIND security question

To: Pollywog <pollywog@shadypond.com>
Cc: debian-user list <debian-user@lists.debian.org>
Subject: Re: BIND security question
From: Robert Varga <robi@piros.zold.net>
Date: Fri, 31 Dec 1999 21:59:00 +0100 (CET)
Message-id: <[🔎] Pine.LNX.3.96.991231215513.28301C-100000@piros.zold.net>
In-reply-to: <[🔎] XFMail.19991230151317.pollywog@shadypond.com>


On Thu, 30 Dec 1999, Pollywog wrote:

> 
> On 30-Dec-1999 Onno wrote:
> > At 04:16 PM 12/28/99 -0000, Pollywog wrote:
> >>
> >>On 28-Dec-1999 root wrote:
> >>
> >>Was this someone trying to find out which BIND I am running?
> >>> 
> >>> Unusual System Events
> >>> =-=-=-=-=-=-=-=-=-=-=
> >>> Dec 28 06:39:09 lilypad named[342]: unapproved query from
> >>> [206.79.22.9].1978
> >>> for "version.bind"
> >>> Dec 28 06:39:09 lilypad named[342]: unapproved query from
> >>> [206.79.22.9].1978
> >>> for "version.bind"
> > 
> > I don't know the query but I't looks like bind is handeling it quite well
> > ;-)
> > 
> > Anyway you have bind under another UID/GID than root, right?
> 
> I installed the Debian package for BIND, and I just checked and it does appear
> to be running as root :( 
> 
> I will have to read the docs to determine if I can change that without
> compiling it myself.

Just append
   -- -u named 

on the end of the line start-stop-daemon line in the start section in
/etc/init.d/bind .

Of course, create the named user, because it does not exist in default.

Robert Varga

Reply to:

Follow-Ups:
- Re: BIND security question
  - From: hypnos <hypnos@m-net.arbornet.org>

References:
- Re: BIND security question
  - From: Pollywog <pollywog@shadypond.com>

Prev by Date: Re: Unrecognized option: --helpRe: email grabbed by RMAIL emacs
Next by Date: Re: Re: CHAP problem
Previous by thread: Re: BIND security question
Next by thread: Re: BIND security question
Index(es):
- Date
- Thread