[bind10-dev] Possible suid root on b10-sockcreator
Shane Kerr
shane at isc.org
Mon Dec 19 11:37:17 UTC 2011
On Fri, 2011-12-16 at 19:51 +0100, Michal 'vorner' Vaner wrote:
>
> So, there are two questions:
> • Are there other pros and cons I didn't mention?
One downside of the setuid() method is that we can't chroot() the entire
BIND 10 application. While we don't do that now, we may want to consider
that in the future.
We could still support the chroot() option if run as root, for users
that want that. But then we'd still have to setuid() later. :( Perhaps
it makes more sense to rely on external chroot command from the OS (both
Linux and FreeBSD seem to have them).
> • Which one is better? Or should we support both modes?
Tricky. I really like the setuid() idea, but it might be too scary for
administrators. Supporting both options removes the benefit of smaller
code footprints and so on.
--
Shane
More information about the bind10-dev
mailing list