From owner-freebsd-questions Fri Dec 15 13:18:39 2000 From owner-freebsd-questions@FreeBSD.ORG Fri Dec 15 13:18:36 2000 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from virtual.sysadmin-inc.com (lists.sysadmin-inc.com [209.16.228.140]) by hub.freebsd.org (Postfix) with ESMTP id 5348F37B400 for ; Fri, 15 Dec 2000 13:18:36 -0800 (PST) Received: from wkst ([209.16.228.146]) by virtual.sysadmin-inc.com (8.9.1/8.9.1) with SMTP id QAA29658 for ; Fri, 15 Dec 2000 16:21:38 -0500 Reply-To: From: "Peter Brezny" To: Subject: named in a sand box. terminology clarification from -net Date: Fri, 15 Dec 2000 16:17:40 -0800 Message-ID: <003101c066f5$9a974740$46010a0a@sysadmininc.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > I have a nomenclature ignorance when it comes to the term sandbox. > > When someone says, "named runs in a sandbox on my machine." > > Do they mean > > a) named runs under an unpriviliged user > or > b) named runs in a chrooted environment > or > c) both At one point in time, "sandbox" meant a) as above. However, with the advent of chroot and the security gains that it provides, "sandbox" has been re-defined to mean b) in most cases. Unfortunately, this means that some documentation causes confusion, such as named-related sources you quoted. -- Matthew Emmerton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message