Subject: Re: BIND
To: NetBSD Networking Technical Discussion List <firstname.lastname@example.org>
From: Michael Richardson <email@example.com>
Date: 11/14/2002 22:04:17
>>>>> "Patrick" == Patrick Welche <firstname.lastname@example.org> writes:
Patrick> The other thing being that /etc/rc.d/named makes it trivially easy to run
Patrick> named in a chroot cage as named:named, which colours the risk "It is then
Patrick> possible to execute code with the privileges of named".
I agree that this should be done by default.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] email@example.com http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [