
More BIND thoughts



After some reading on the net and the O'Reilly BIND book about chroot'd
bind, I now understand why everything is in /home/named.  Basically since
BIND isn't running as root, but as a user with minimal privileges, it
doesn't have rw privs to the normal BIND places.  Basically since BIND
actually chroots to a new directory structure, (/home/named in this case)
you can't put its files in /etc & /var as one is accustomed.

If you want the BIND files in the "normal" places, you need to run named
as root (with all the associated risks of that).

So, the question is:

What's more important- security or standard file placement?

I opt for security.


-- 
Aaron Turner           | Either which way, one half dozen or another. 
aturner@pobox.com      | Check out the Red Hat Linux User's FAQ Online!
www.pobox.com/~aturner | http://www.pobox.com/~aturner/RedHat-FAQ/
All emails from this account are PGP signed.  Lack of a signature is "bad".
PGP Key fingerprint = FB E1 CE ED 57 E4 AB 80  59 6E 60 BF 45 1B 20 E8



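
The layout described in the message above, as an added example that is not part of the original post: a small audit of a chroot tree used by a non-root named. /home/named is the path from the message; the function names, the run-as user argument and the three checks (no setuid/setgid files, nothing world-writable, jail root and etc not owned by the daemon's user) are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: audit the chroot tree of a named that runs as a non-root user.
# Function names and the choice of checks are illustrative assumptions.

# jail_path JAIL PATH
# Map a path as the chrooted daemon sees it (e.g. /etc/named.conf)
# to its real location on the host filesystem.
jail_path() {
    printf '%s/%s\n' "${1%/}" "${2#/}"
}

# jail_findings JAIL USER
# Print one finding per line; print nothing when the tree passes.
jail_findings() {
    jail=${1%/}
    user=$2
    if [ ! -d "$jail" ]; then
        printf 'MISSING %s\n' "$jail"
        return 0
    fi
    # Setuid/setgid files inside the jail undo the point of dropping root.
    find "$jail" -type f \( -perm -4000 -o -perm -2000 \) \
        -exec printf 'SETID %s\n' {} \;
    # World-writable entries can be modified by any local account.
    find "$jail" ! -type l -perm -0002 \
        -exec printf 'WORLD_WRITABLE %s\n' {} \;
    # If the daemon's own user owns the jail root or its etc directory,
    # a compromised daemon can replace its own configuration.
    for p in "$jail" "$(jail_path "$jail" /etc)"; do
        [ -e "$p" ] || continue
        if [ -n "$(find "$p" -prune -user "$user")" ]; then
            printf 'OWNED_BY_DAEMON %s\n' "$p"
        fi
    done
}

# Stand-alone use: sh audit.sh /home/named <run-as-user>
if [ $# -eq 2 ]; then
    jail_findings "$1" "$2"
fi
```
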