From owner-freebsd-stable Mon Jan 7 6:26:36 2002 Delivered-To: freebsd-stable@freebsd.org Received: from smtp017.mail.yahoo.com (smtp017.mail.yahoo.com [216.136.174.114]) by hub.freebsd.org (Postfix) with SMTP id 74E4F37B416 for ; Mon, 7 Jan 2002 06:26:16 -0800 (PST) Received: from unknown (HELO warhawk) (202.1.200.157) by smtp.mail.vip.sc5.yahoo.com with SMTP; 7 Jan 2002 14:26:10 -0000 From: "Haikal Saadh" To: , "'Joe Abley'" Cc: Subject: RE: Chrooted bind out of the box Date: Mon, 7 Jan 2002 19:25:43 +0500 Message-ID: <003301c19787$408e47d0$9dc801ca@warhawk> X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 In-Reply-To: <20020106112345.B237@gohan.cjclark.org> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > On Sat, Jan 05, 2002 at 10:26:01PM -0500, Joe Abley wrote: > > On Sat, Jan 05, 2002 at 02:08:46PM -0800, Crist J. Clark wrote: > > > On Sat, Jan 05, 2002 at 11:26:00AM +0500, Haikal Saadh wrote: > > > > Is there a reason why bind is run as root by default and not > > > > bind.bind? And not chrooted? > > > > > > > > If I'm not mistaken almost everyone does this anyway, right? > > > > > > IIRC, the last time it was discussed, it was felt > changing this in > > > the middle of -STABLE would be too disruptive. Many working BIND > > > installations would break when people updated. > > > > Why not create a named_chroot variable in defaults/rc.conf > which is by > > default set to NO, but which sysinstall can override in > /etc/rc.conf > > with a YES for fresh (non-upgrade) installs? > > /etc/defaults/rc.conf are the defaults. Not everyone makes a > new system with sysinstall(8), and having sysinstall(8) put > new and unexpected things in rc.conf is in itself a POLA vilolation. > > I was talking more about running named(8) as bind:bind. > Chrooting has other issues, you need to actually build a > chroot environment somewhere and decide what to put in it, > and you still need to run as bind:bind for chrooting to be > much of a security measure. > > Running named(8) as bind:bind by default is easiest done by > changing the named_bind flags. As I said, changing the > default would break stuff, but if you look at > /etc/defaults/rc.conf in -STABLE, > > named_flags="" # Flags for named > #named_flags="-u bind -g bind" # Flags for named Yup, that how I'm doing, it, and not to mention chown bind.bind everything in /etc/named/ > > So the hint is already there. And if you look at -CURRENT, > > named_flags="-u bind -g bind" # Flags for named > > It already runs that way by default. > > But if you really want to be clever, you should run named(8) > in a jail(8). I'll push that onto my todo stack. _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message