No subject

escape it by manipulating /dev/kmem or other such root-level chicanery. I'm not
an expert in such matters. Seems to me that chroot'ing, _ipso_facto_, would
make it incrementally more difficult to be compromised, perhaps even enough to
keep out the common-or-garden variety script kiddies. Then again, maybe it
would just offer a more tempting target to a skilled cracker...

> Can it be run chroot and as a different user?

I know that it can, and I am led to believe that this combination is much more
secure. In addition with the -t command-line option for chroot'ing named, you
can also use the -u and -g command-line options to set the user and the group
ids.

>  Anyone have a cookbook on this?

I think I've seen a generic (not Solaris 2.6-specific and maybe not even
specific to Solaris at all) one, but I don't have any references handy. Offhand
from experience, though... in addition to the normal chroot-type things
(filesystem structure, device nodes, shared libraries, etc.) the special
considerations for BIND include things like the ndc control channel, the
writability of zone files and the zone file directory, the runnability of
named-xfer, etc. Oh, and don't forget that starting (or restarting) the
nameserver is still going to require superuser, of course, since named needs to
bind to port 53...


- Kevin