[bind10-dev] should the socket creator use chdir?

JINMEI Tatuya / 神明達哉 jinmei at isc.org
Mon Dec 5 18:31:22 UTC 2011


The socket creator process will be the only one that needs to keep the
root privilege.  I wonder whether we should at least allow it to run
under a 'chroot' environment for best possible security (I know it's
not even expected to directly communicate with other BIND 10 processes
than the boss process, let alone arbitrary remote client nodes, but
when it comes to security, paranoia is often better than optimism).
Since it's intended to be a simple stand-alone program that could even
be statically linked, it should be easy to realize that.

Is that worth doing?

---
JINMEI, Tatuya
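
The chroot setup the post asks about, as an added example (not part of the original message and not BIND 10 code): a root-only helper moves into the jail directory before calling chroot(), so its working directory is never left outside the new root. The function names and the `/var/empty` default are assumptions; a statically linked helper needs no files inside the jail.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* glibc: declares chroot() */
#endif
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Enter the jail at dir. Returns 0, or the errno of the step that failed. */
int enter_jail(const char *dir)
{
    /* chdir first: the working directory must never be left outside the
     * new root, or relative paths still reach the real filesystem. */
    if (chdir(dir) != 0)
        return errno;
    if (chroot(".") != 0)       /* needs root (CAP_SYS_CHROOT on Linux) */
        return errno;
    if (chdir("/") != 0)        /* cwd is now the jail's own root */
        return errno;
    return 0;
}

/* Jail a forked child so the caller stays outside. Returns 0 when the child
 * is jailed with cwd "/", the failing errno otherwise, -1 on fork/wait error. */
int try_jail(const char *dir)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        char cwd[8];
        int rc = enter_jail(dir);
        if (rc == 0 && (!getcwd(cwd, sizeof cwd) || strcmp(cwd, "/") != 0))
            rc = EIO;           /* jailed but cwd is not the new root */
        _exit(rc);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(int argc, char **argv)
{
    int rc = try_jail(argc > 1 ? argv[1] : "/var/empty"); /* assumed jail dir */
    printf("jail: %s\n", rc == 0 ? "ok" : rc > 0 ? strerror(rc) : "fork/wait failed");
    return rc != 0;
}
```

Run without root, the chroot() step fails with EPERM and the helper should refuse to continue rather than serve requests unjailed.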


