From owner-freebsd-security  Fri Nov 12 11:29:28 1999
Delivered-To: freebsd-security@freebsd.org
Received: from rucus.ru.ac.za (rucus.ru.ac.za [146.231.29.2])
	by hub.freebsd.org (Postfix) with SMTP id BA6E414A2C
	for <security@FreeBSD.ORG>; Fri, 12 Nov 1999 11:29:14 -0800 (PST)
	(envelope-from bvi@rucus.ru.ac.za)
Received: (qmail 95274 invoked by uid 374); 12 Nov 1999 19:29:12 -0000
Date: Fri, 12 Nov 1999 21:29:12 +0200
From: Barry Irwin <bvi@rucus.ru.ac.za>
To: Josef Karthauser <joe@pavilion.net>
Cc: Brett Glass <brett@lariat.org>,
	Bill Fumerola <billf@chc-chimes.com>,
	Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>,
	security@FreeBSD.ORG
Subject: Re: Why not sandbox BIND?
Message-ID: <19991112212912.Z57266@rucus.ru.ac.za>
References: <4.2.0.58.19991111220759.044f46d0@localhost> <Pine.BSF.4.10.9911120922190.85007-100000@jade.chc-chimes.c <4.2.0.58.19991112102309.045abf00@localhost> <19991112173306.D76708@florence.pavilion.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <19991112173306.D76708@florence.pavilion.net>; from joe@pavilion.net on Fri, Nov 12, 1999 at 05:33:06PM +0000
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri 1999-11-12 (17:33), Josef Karthauser wrote:
> On Fri, Nov 12, 1999 at 10:24:44AM -0700, Brett Glass wrote:
> > Our production systems are running an older version of FreeBSD (we
> > always stay a bit behind the leading edge), so they do not have
> > that user.
> > 
> > --Brett
> 
> You are _quite_ a way behind.  I believe that almost all of the 3.X releases
> have had this ability.  (If you're running later mergemaster is your friend ;)

3.2 System CVSup'd doesnt have it by default
su-2.03# cat /etc/passwd | grep named
su-2.03# uname -a
FreeBSD shagrat.moria.org 3.3-STABLE FreeBSD 3.3-STABLE #0: Thu Oct 21
15:40:30 SAST 1999
bvi@shagrat.moria.org:/usr/src/sys/compile/bvi.SHAGRAT
i386

Same on my other straight 3.2-STABLE system

Adding a user for named is one of the first things I do on a new systen,
along with adding a specific user for httpd , rather than the default
nobody.

IMO, most daemons that dont need any special privilege should be run as
their own user, this includes things like squid, mail ( qmail has a nice
broken up privilege levels model).

Think it would be a good idea to possibly add these in by default on a New
BSD install. No reason for named to run as root whatsoever ( well other than
the inital bind)

Barry
-- 
--------------------------------------------------------------------------
Barry Irwin 				 	IRC:  balin@zanet (#linux)
bvi@moria.org  					http://rucus.ru.ac.za/~bvi
Whois BI414		- PMPN8EZ -		http://moria.org
--------------------------------------------------------------------------


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message