Hello,
On Fri, 15 Dec 2000, Peter Brezny wrote:
> I have a nomenclature ignorance when it comes to the term sandbox.
>
> When someone says, "named runs in a sandbox on my machine."
>
> Do they mean
>
> a) named runs under an unpriviliged user
> or
> b) named runs in a chrooted environment
> or
> c) both
>
> ?
*I* mean "both".
http://www.psionic.com/papers/dns/dns-openbsd/
HTH
> In the /etc/namedb/named.conf it says that freebsd runs bind in a sandbox
> and refers to the named flags in rc.conf, and when you look at those flags
> in /etc/defults/named.conf all you see is the -u and -g options for the
> flags, NOT the -t option for running in a chrooted environemnt.
>
> This led me to believe that 'sandbox' means unpriviliged user. But when i
> posed a related question on -questions, someone told me that sandbox =
> chrooted environment.
>
> I also want to know, if you are running named under an unpriviliged user, is
> it worth the extra trouble to run it chrooted?
>
> Thanks for your help.
>
> Peter Brezny
> SysAdmin Services Inc.
- - maxim
--
Maxim Konovalov, MAcomnet, Internet-Intranet Dept., system engineer
phone: +7 (095) 796-9079, mailto: [EMAIL PROTECTED]
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
