Subject: Re: BIND
To: NetBSD Networking Technical Discussion List <>
From: Michael Richardson <>
List: tech-net
Date: 11/14/2002 22:04:17
>>>>> "Patrick" == Patrick Welche <> writes:
    Patrick> The other thing being that /etc/rc.d/named makes it trivially easy to run
    Patrick> named in a chroot cage as named:named, which colours the risk "It is then
    Patrick> possible to execute code with the privileges of named".

  I agree that this should be done by default.

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [