From owner-freebsd-net Fri Dec 15 13:12: 4 2000 From owner-freebsd-net@FreeBSD.ORG Fri Dec 15 13:12:03 2000 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from xena.gsicomp.on.ca (cr677933-a.ktchnr1.on.wave.home.com [24.43.230.149]) by hub.freebsd.org (Postfix) with ESMTP id 96CAC37B400 for ; Fri, 15 Dec 2000 13:12:02 -0800 (PST) Received: from hermes (hermes.gsicomp.on.ca [192.168.0.18]) by xena.gsicomp.on.ca (8.9.3/8.9.3) with SMTP id QAA86751; Fri, 15 Dec 2000 16:11:59 -0500 (EST) (envelope-from matt@gsicomp.on.ca) Message-ID: <000701c066db$e8969eb0$1200a8c0@gsicomp.on.ca> From: "Matthew Emmerton" To: , References: <002d01c066f4$1ba7a980$46010a0a@sysadmininc.com> Subject: Re: named in a sand box. Date: Fri, 15 Dec 2000 16:13:44 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I have a nomenclature ignorance when it comes to the term sandbox. > > When someone says, "named runs in a sandbox on my machine." > > Do they mean > > a) named runs under an unpriviliged user > or > b) named runs in a chrooted environment > or > c) both At one point in time, "sandbox" meant a) as above. However, with the advent of chroot and the security gains that it provides, "sandbox" has been re-defined to mean b) in most cases. Unfortunately, this means that some documentation causes confusion, such as named-related sources you quoted. -- Matthew Emmerton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message