Running named as other than root

Cricket Liu cricket at
Sun Nov 21 21:58:59 UTC 1999

> Is there any benefit, security or otherwise, to running named as other
> root?
> "named -u joesnuffy"

Sure.  If your version of BIND proves vulnerable to say, a buffer overrun,
as many have, then people who capitalize on that bug to gain access to
the system that runs the name server will gain access as joesnuffy instead
of root.

You might also want to check out the -t <directory> option, which lets
you chroot() named to a particular directory.


Acme Byte & Wire
cricket at

Attend the next Internet Software Consortium/Acme Byte & Wire
DNS and BIND class!  See for
the schedule and to register for upcoming classes.

More information about the bind-users mailing list