Is chroot bind safe?
Doug Barton
DougB at DougBarton.net
Fri Jan 24 06:02:22 UTC 2003
On Fri, 24 Jan 2003, Mark wrote:
> Hi,
>
> On FreeBSD 4.7, I just chrooted a BIND 8.3.3 as follows:
>
> /usr/sbin/chroot /etc/namedb/ /usr/sbin/named -u bind -g bind
>
> I copied a few dirs, made some devices, etc, and everything seems to run
> wonderfully. :) Then I found the -t switch (doh!).
>
> Not wanting to change everything again, is chrooting "named" directly just
> as safe?
In my opinion, it's safer to use -t, since that leaves less stuff in the
chroot'ed directory to get compromised.
--
"We have known freedom's price. We have shown freedom's power.
And in this great conflict, ... we will see freedom's victory."
- George W. Bush, President of the United States
State of the Union, January 28, 2002
Do YOU Yahoo!?
More information about the bind-users
mailing list