On Tue, Sep 29, 2015 at 08:14:18PM -0400, Gordon Lang wrote: > After reading Mark's post (found in my spam folder), I gather suid cannot > be used with threads on Linux. So I have to choose between setting up a > suid root wrapper, or simply not using threads. So my final question is > whether or not using threads on Linux is sufficiently beneficial in spite > of it being "a total mess."
Setuid can be used on linux, but you have to ensure the permissions are all correct and all unnecessary privileges have been dropped before the process begins forking threads. If all the files and directories that named needs to access are owned by user "bind" and named is running with "-u bind", things are generally smooth. If you don't use threads, you'll have less to fiddle around with to set up file and directory ownership, but you'll get a fraction of the performance. If you have a low-traffic server, that might not be a concern for you. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
