Tom wrote:
>
> What's the reason, that it isn't necessary to run modern version of bind in a
> jail?
chroot is a defence against privilege escalation following a remote code
execution vulnerability. It isn't a very solid defence. And BIND 9 tends
to die of a self-check failure before remote code
Am 24.10.2016 um 07:27 schrieb Tom:
From
https://kb.isc.org/article/AA-00768/0/Getting-started-with-BIND-how-to-build-and-run-named-with-a-basic-recursive-configuration.html:
"Running named in a chroot jail (many still do, but this shouldn't be
necessary with modern versions of BIND)".:
Hi list
From
https://kb.isc.org/article/AA-00768/0/Getting-started-with-BIND-how-to-build-and-run-named-with-a-basic-recursive-configuration.html:
"Running named in a chroot jail (many still do, but this shouldn't be
necessary with modern versions of BIND)".:
What's the reason, that it
3 matches
Mail list logo