Ludovic Gasc <gml...@gmail.com> wrote: > > 1. The list of minimal capabilities needed for bind to run correctly: > http://man7.org/linux/man-pages/man7/capabilities.7.html
named already drops capabilities - have a look at the code around here: https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=blob;f=bin/named/unix/os.c;hb=v9_11_2#l234 Note that it's a bit clever - the privileges are dropped in two stages, right at the start, and after the server has been configured. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ - I xn--zr8h punycode Southeast Iceland: Westerly 6 to gale 8, veering northwesterly 4 or 5 later, occasionally severe gale 9 at first in south. Very rough in north, otherwise high, occasionally very high in far south. Snow showers. Good occasionally poor. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
