Necessity of DNSSEC Lookaside Validation(DLV)
kcd at chrysler.com
Tue Apr 7 20:45:03 UTC 2009
Chandan Laskar wrote:
> We have deployed DNS on RHEL 5 Update 1. Below are feature of our DNS.
> *1. Implemented OS Security Best Practice ( e.g. Enable MD5 and shadow
> passwords, Root Login Console Restricted, Configure SSH as an
> alternative of Telnet e.t.c.). *
> *2. Configured Openssl Version 0.9.8j.*
> *3. Configured BIND 9.6.0-P1 with CHROOT Environment. So BIND is not
> running as root user.*
Hopefully you mean that you're running with a chroot environment *and*
configured to run as an unprivileged user. Running chroot'ed does not
*automatically* cause you to run unprivileged. Maybe I'm reading too
much into that word "so"...
More information about the bind-users