Quoting Rob Weir <[EMAIL PROTECTED]>: > [DISCLAIMER: I've played with this here at home, and think I've got a > fairly secure system, but I'm no expert, I'm just an interested geek] > > On Mon, Feb 03, 2003 at 02:21:33PM +0100, Russell Coker wrote: > > Is anyone here running a Debian system with no daemons running as root > > other than init, inetd, and sshd, no SUID-root programs other than > > passwd, su, etc, and generally having everything locked down as much > > as possible (chroot's for daemons, etc)? > > I'm running bind9 in a chroot (using Martin's bind9-chroot package); > everything else is as normal. >
It has been possible since BIND 8.x to run it non-root. I did it on my main machine (non-Debian). It took a little fiddling with permissions and ownership so it could read & write the configuration and zone files. Figure an hour to get it to work. I should invest another hour to improve the solution. I now think it can be done more securely. Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]