tech-security: Re: proposals for running named in a non-root chroot cage

Subject: Re: proposals for running named in a non-root chroot cage
To: Andrew Brown <atatat@atatdot.net>
From: Steven M. Bellovin <smb@research.att.com>
List: tech-security
Date: 03/08/2001 20:39:25

In message <20010308203554.A27260@noc.untraceable.net>, Andrew Brown writes:
>>>>	- change the build system to populate /var/named/ by default
>>>>	  (with named-xfer, the example etc/namedb, ...)
>>>...named-xfer would be installed in /var/named/usr/libexec/named-xfer
>>>and a symlink would be put at /usr/libexec/named-xfer?
>>
>>	or, every time before named startup, copy /usr/libexec/named-xfer
>>	into /var/named/usr/libexec/named-xfer.
>
>that might be a bit heavy.  running cmp (or diff) would be heavier,
>but checking that the mtime and size were the same (if copied with -p)
>would probably be sufficient.

Those are easy to fake.  Run md5 on it, and compare to the stored md5 
checksum of the original.

		--Steve Bellovin, http://www.research.att.com/~smb