
Re: bind9 and ipv6



nate wrote:

> Also I recommend of course
> running BIND as a non-root uid/gid and in chroot(). This may require
> some additional setup especially for the chroot().

Or better still, use another DNS that does this automatically. I use
maradns, which by default runs as a non-privileged user in a chroot
jail. As an internal-use-only server, it works fine, though there is a
minor glitch about resolving CNAME records recursively (i.e. if your DNS
config has a CNAME that resolves to a name outside your domain,
requiring a recursive lookup, it doesn't seem to work, or at least, it
didn't the last time I tried it, a few months ago).

Craig
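
A check for the setup discussed in this thread, added here as an example and not part of either poster's message: it reads Linux `/proc` data to confirm that a running daemon such as `named` has no root uid/gid left and has a root directory other than `/`. The function names, the sample IDs and the jail path `/var/lib/named` are constructed for illustration.

```python
"""Audit that a daemon runs as non-root inside a chroot, using Linux /proc data."""
import os


def parse_status(status_text):
    """Extract the Uid, Gid and Groups fields from /proc/<pid>/status text."""
    fields = {}
    for line in status_text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key in ("Uid", "Gid", "Groups"):
            fields[key] = [int(v) for v in value.split()]
    return fields


def audit(status_text, root_link):
    """Return a list of findings; an empty list means no problem was found."""
    fields = parse_status(status_text)
    findings = []
    # Uid/Gid lines hold the real, effective, saved and filesystem IDs.
    # A saved uid of 0 means the process can still switch back to root.
    for key in ("Uid", "Gid"):
        ids = fields.get(key)
        if not ids:
            findings.append(f"{key} line missing")
        elif 0 in ids:
            findings.append(f"{key} includes 0: {ids}")
    if 0 in fields.get("Groups", []):
        findings.append("supplementary groups include gid 0")
    # /proc/<pid>/root points at the process's root directory; "/" means no chroot.
    if os.path.normpath(root_link) == "/":
        findings.append("root directory is /, process is not chrooted")
    return findings


def audit_pid(pid):
    """Audit a live process; reading another user's root link needs privilege."""
    with open(f"/proc/{pid}/status") as fh:
        status = fh.read()
    return audit(status, os.readlink(f"/proc/{pid}/root"))


# Constructed samples (not captured from a real system).
SAMPLE_CONFINED = "Name:\tnamed\nUid:\t105\t105\t105\t105\nGid:\t110\t110\t110\t110\nGroups:\t110\n"
SAMPLE_ROOT = "Name:\tnamed\nUid:\t0\t0\t0\t0\nGid:\t0\t0\t0\t0\nGroups:\t0\n"
SAMPLE_SAVED_ROOT = "Name:\tnamed\nUid:\t105\t105\t0\t105\nGid:\t110\t110\t110\t110\nGroups:\t110\n"

if __name__ == "__main__":
    for name, status, root in (("confined", SAMPLE_CONFINED, "/var/lib/named"),
                               ("root, no jail", SAMPLE_ROOT, "/"),
                               ("saved uid 0", SAMPLE_SAVED_ROOT, "/var/lib/named")):
        print(name, "->", audit(status, root) or "ok")
```
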


