I'm setting up my new server, based on Debian Woody.
I'm setting bind9 in a chroot jail.
There are two chances to do this:
1) using parameter --chroot of 'start-stop-daemon'
2) using parameter -t of bind
In both ways I have to use -u parameter of bind to change user, otherwise
it can't get privileged resources as the 'domain' socket.
Is there a difference in security with one method resspect to the other?
(I used makejail from testing to build up the structure of the jail).
Thank you in advance
Stefano Salvi
=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=
_|_
----O----
Ing. Stefano Salvi mailto:[EMAIL PROTECTED]
Viale L. Vaschi, 15 mailto:[EMAIL PROTECTED]
46100 Mantova (MN) mailto:[EMAIL PROTECTED]
+39 0376 321572 http://digilander.iol.it/salvis/
+39 0347 3820490 http://www.salvi.mn.it/stefano/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
- Re: chrooting bind9 Stefano Salvi
- Re: chrooting bind9 Mark Ferlatte
