Date: Fri, 15 Dec 2000 16:06:57 -0800 From: "Peter Brezny" <peter@sysadmin-inc.com> To: <freebsd-net@freebsd.org> Subject: named in a sand box. Message-ID: <002d01c066f4$1ba7a980$46010a0a@sysadmininc.com>
next in thread | raw e-mail | index | archive | help
I have a nomenclature ignorance when it comes to the term sandbox. When someone says, "named runs in a sandbox on my machine." Do they mean a) named runs under an unpriviliged user or b) named runs in a chrooted environment or c) both ? In the /etc/namedb/named.conf it says that freebsd runs bind in a sandbox and refers to the named flags in rc.conf, and when you look at those flags in /etc/defults/named.conf all you see is the -u and -g options for the flags, NOT the -t option for running in a chrooted environemnt. This led me to believe that 'sandbox' means unpriviliged user. But when i posed a related question on -questions, someone told me that sandbox = chrooted environment. I also want to know, if you are running named under an unpriviliged user, is it worth the extra trouble to run it chrooted? Thanks for your help. Peter Brezny SysAdmin Services Inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002d01c066f4$1ba7a980$46010a0a>