Is chroot bind safe?

Doug Barton DougB at
Fri Jan 24 06:02:22 UTC 2003

On Fri, 24 Jan 2003, Mark wrote:

> Hi,
> On FreeBSD 4.7, I just chrooted a BIND 8.3.3 as follows:
> /usr/sbin/chroot /etc/namedb/ /usr/sbin/named -u bind -g bind
> I copied a few dirs, made some devices, etc, and everything seems to run
> wonderfully. :) Then I found the -t switch (doh!).
> Not wanting to change everything again, is chrooting "named" directly just
> as safe?

In my opinion, it's safer to use -t, since that leaves less stuff in the
chroot'ed directory to get compromised.

   "We have known freedom's price. We have shown freedom's power.
      And in this great conflict, ...  we will see freedom's victory."
	- George W. Bush, President of the United States
          State of the Union, January 28, 2002

         Do YOU Yahoo!?

More information about the bind-users mailing list