Subject: Re: should bind9 have a chroot option?
To: None <>
From: Steven M. Bellovin <>
List: netbsd-users
Date: 04/07/2003 22:02:29
In message <>, Thor Lancelot Simon writes:
>On Mon, Apr 07, 2003 at 11:24:08PM +0100, Charles Blundell wrote:
>> on Mon, Apr 07, 2003 at 06:03:19PM -0400, Steve Bellovin wrote:
>> > named has a chroot option.  However, the bind9 package does
>> > not.  I would think that it should.
>> If you mean the rc.d script, I had this lying around, based on
>> /etc/rc.d/named.
>The only problem is that the bind9 named can't chgrp like our named
>can, seemingly because they'd already used up the option letter we
>added for it!  A trivial annoyance, but one that we should address.
I'd think that that is the sort of change they'd be likely to buy back.

		--Steve Bellovin, (me) (2nd edition of "Firewalls" book)