Re: bind and fc6

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Tim <ignored_mailbox@xxxxxxxxxxxx> wrote:


On Fri, 2007-02-02 at 14:51 +0000, Stuart Sears wrote:

> True but AFAIK you need root privileges to do this and named drops
> these as soon as it is chrooted. 

Why would BIND need root in the first place?  It only has to read its
own files, it doesn't have to write any system ones.

In order to open the privileged ports used by a nameserver.

nameserver      42/tcp          name            # IEN 116
nameserver      42/udp          name            # IEN 116
Lots of services only need to be root in order to open their service port (e.g., httpd). They then become a normal user and some, such as bind, switch to a chroot jail. 

Cheers,
Dave

--
Politics, n. Strife of interests masquerading as a contest of principles.
-- Ambrose Bierce
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux