[Linux-disciples] chrooting bind9
Stephen R Laniel
steve at laniels.org
Mon Oct 24 17:07:05 EDT 2005
My boss recommends that I run BIND9 chrooted. Cool, sure,
I'll do that, but I'm curious: why should BIND9 run chrooted
when, say, people don't seem to suggest that Apache run
chrooted? At least, people don't suggest it as often as they
suggest it for BIND. /etc/init.d/bind9 even contains
# for a chrooted server: "-u bind -t /var/lib/named"
# Don't modify this line, change or create /etc/default/bind9.
OPTIONS=""
so it seems to be accepted wisdom to run chrooted. What's
the logic?
--
Stephen R. Laniel
steve at laniels.org
+(617) 308-5571
http://laniels.org/
PGP key: http://laniels.org/slaniel.key
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.bostoncoop.net/pipermail/linux-disciples/attachments/20051024/8c37cbdd/attachment.pgp
More information about the Linux-disciples
mailing list