You need to start named as root for it to be able to chroot. (Unless
Solaris has some cunning fine-grained privilege feature I don't know
about.)
On 01.07.14 15:18, Stewart, Larry C Sr CTR DISA JITC (US) wrote:
Ok so that was not a good troubleshooting technique, was trying to
determine what did not have the correct permissions and thus causing the
warning. I guess I will go ahead and run it the way I have been for the
last 5 years, unless I find it is causing me problems.
For now we have to trust BIND it will properly bind(), chroot() and drop
privileges...
does anyone know if there's a way to leave these (dropping privileges) to
other programs, so BIND and similar apps won't have to implement this on
their own?
... on Linux or other OSes?
(taking care about security of a small program should be easier)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"Where do you want to go to die?" [Microsoft]
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
