On Thu, Aug 05, 2004, Alexander Belck wrote: > 1st) Is OpenPKG ver of bind chroot enabled (-t chrootdir) ?
No, not out of the box. If you really want this you have to establish your own chroot(2) environment under /foo for BIND and use bind_flags="... -t /foo ..." in rc.conf. > 2nd) opkg_bind uses opkg[-r] user. > Does I gain more security using an distinct user and chrooting opkg_bind ? Well, theoretically yes, practically no IMHO. This everyone has to decide on his own. Security is always a compromise between not doing anything and allowing everything. I personally think OpenPKG's default of using the dedicated restricted user is reasonably secure here. > 3rd) What does option with_dlz enables ? It's for serving both zone and meta informations directly out of a RDBMs like MySQL or PostgreSQL. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com ______________________________________________________________________ The OpenPKG Project www.openpkg.org User Communication List [EMAIL PROTECTED]