> Date: Mon, 27 Sep 2010 09:46:44 -0500 > From: Jerry Kemp <[email protected]> > Sender: [email protected] > > IMHO, the primary benefit of chrooting is security. > > another, less painful option, again IMHO, is to run BIND in a jail if > you are using BSD, or a zone if you are on Solaris, or a Solaris based > distro.
While both are pretty simple to do on BSD, jail is far more secure, but I certainly find setting up jails more complex than chrooting. (Besides, the FreeBSD BIND is chrooted by default, so there is nothing to set up.) -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: [email protected] Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 _______________________________________________ bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
