hello, On Fri, 11 Feb 2005, Andreas Rottmann wrote:
| | severity 242472 wishlist | retitle 242472 Please chroot radvd | tags 242472 + wontfix | thanks | | I just wanted to note that Debian packages do not set up chroots in | general, as also noted in the Securing Debian Manual[0]: | | ,---- | | The daemons that you install with your Debian distribution will not | | come, however, chrooted [31] per default. | `---- | | [0] http://www.debian.org/doc/manuals/securing-debian-howto/ch-sec-services.en.html#s-chroot | | There are tools in Debian however, that make it easier to set up | chroots, such as jailer or jailtool. you have to separate between packages setting up chroot environments for eg bind or apache, and on the other hand privsep-like things where daemons just chroot to empty or near-empty directory with no additional administrative hassle. the latter is infact done by eg postfix and sshd in debian... and radvd would, i think, be in the latter category as well. bear in mind that the howto referenced above is not any sort of normative policy spec :) -- erno -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
