Subject: Re: should bind9 have a chroot option?
To: None <firstname.lastname@example.org>
From: Steven M. Bellovin <email@example.com>
Date: 04/07/2003 22:02:29
In message <20030408015503.GA4457@rek.tjls.com>, Thor Lancelot Simon writes:
>On Mon, Apr 07, 2003 at 11:24:08PM +0100, Charles Blundell wrote:
>> on Mon, Apr 07, 2003 at 06:03:19PM -0400, Steve Bellovin wrote:
>> > named has a chroot option. However, the bind9 package does
>> > not. I would think that it should.
>> If you mean the rc.d script, I had this lying around, based on
>The only problem is that the bind9 named can't chgrp like our named
>can, seemingly because they'd already used up the option letter we
>added for it! A trivial annoyance, but one that we should address.
I'd think that that is the sort of change they'd be likely to buy back.
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com (2nd edition of "Firewalls" book)