Am 14.01.2016 um 21:48 schrieb John Miller:
Thanks for the advice, Mike. We chrooted our install because it was "best practice" security-wise, but from an administration standpoint, it's been a bit of a headache: for example, you have to keep straight what goes in /etc and /var/named/chroot/etc, you end up setting a $BIND_CHROOT environment variable for everyone to keep paths shorts at the CLI, etc.
no, you need to just put a symlink how often do you *by hand* touch things? normally anything is done with backends and scriptsso after once configured it don't matter if things are bekow /var/named/chroot/ or on a higher directory - is it worth - well, the question is "does it harm" and it don't after initial deployment when done right
security is about layers
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
