Necessity of DNSSEC Lookaside Validation(DLV)

Kevin Darcy kcd at
Tue Apr 7 20:45:03 UTC 2009

Chandan Laskar wrote:
> Hi,
> We have deployed DNS  on RHEL 5 Update 1. Below are feature of our DNS.
> *1. Implemented OS Security Best Practice ( e.g. Enable MD5 and shadow 
> passwords, Root Login Console Restricted, Configure SSH as an 
> alternative of Telnet e.t.c.). *
> *2. Configured Openssl Version 0.9.8j.*
> *3. Configured BIND 9.6.0-P1 with CHROOT Environment. So BIND is not 
> running as root user.*
Hopefully you mean that you're running with a chroot environment *and* 
configured to run as an unprivileged user. Running chroot'ed does not 
*automatically* cause you to run unprivileged. Maybe I'm reading too 
much into that word "so"...

                                       - Kevin

More information about the bind-users mailing list