DHCP & BIND dynamic updates

phn at icke-reklam.ipsec.nu phn at icke-reklam.ipsec.nu
Tue Aug 20 11:18:47 UTC 2002


Sasa <sasa.pavlovic at kr.hinet.hr> wrote:
> Thanks !

> My english is bad and I dont understand Your last paragraf, could You be
> more detailed please?

If named is run as another user ( named -u user ) 
will cause named to change UID to the UID of user. This
reduces the priviligies named has, and may protect your
system in the even that named malfunctions or can be
made malfunctioning by external attacks.

Running named as non-root however will also affect nameds 
possibility to bind port 53 on a newly attatched interface.

A system with several ip-addresses, where one is down at the
time named starts, will not ba able to use this ip if it
comes up again.

Most nameservers uses a machines single ip, so it's normally 
not an issue.

-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.


More information about the bind-users mailing list