Re: Running current version of bind in a jail?

Tom wrote: > > What's the reason, that it isn't necessary to run modern version of bind in a > jail? chroot is a defence against privilege escalation following a remote code execution vulnerability. It isn't a very solid defence. And BIND 9 tends to die of a self-check failure before remote code

Re: Running current version of bind in a jail?

Am 24.10.2016 um 07:27 schrieb Tom: From https://kb.isc.org/article/AA-00768/0/Getting-started-with-BIND-how-to-build-and-run-named-with-a-basic-recursive-configuration.html: "Running named in a chroot jail (many still do, but this shouldn't be necessary with modern versions of BIND)".:

Running current version of bind in a jail?

Hi list From https://kb.isc.org/article/AA-00768/0/Getting-started-with-BIND-how-to-build-and-run-named-with-a-basic-recursive-configuration.html: "Running named in a chroot jail (many still do, but this shouldn't be necessary with modern versions of BIND)".: What's the reason, that it