Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 14 Dec 1998 18:43:56 -0800 (PST)
From:      Matthew Dillon <dillon@apollo.backplane.com>
To:        Dag-Erling Smorgrav <des@flood.ping.uio.no>
Cc:        committers@FreeBSD.ORG
Subject:   Re: Bind sandbox bogosity
Message-ID:  <199812150243.SAA50480@apollo.backplane.com>
References:   <xzpvhjembb6.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help 

    The first problem is a non-problem, i.e. a bogus
    warning because HUPing named does not change it's
    pid.

    The second problem is real, and I did mention it.  However,
    my feeling is that running named in a sandbox is a basic
    security precaution that must be taken and that the vast
    majority of configurations will not have a problem with
    it.  It would be nice if there were a way to turn off
    the interface scanning junk, though.  named is the only
    major program I know that does that (a Vixie bogosity,
    in my view).

					-Matt

    Matthew Dillon  Engineering, HiWay Technologies, Inc. & BEST Internet 
                    Communications & God knows what else.
    <dillon@backplane.com> (Please include original email in any response)    

:
:One side-effect of forcing named to run as bind:bind is that when you
:HUP it, it tries to recreate the pid file (update_pid_file(), which is
:called from load_configuration(), both in ns_config.c), but can't
:because it doesn't have privs any more and /var/run is only writeable
:by root. Another, far more serious, side-effect is that when it
:rescans interfaces (normally every 60 minutes) and finds an interface
:it wasn't already bound to, it'll try to bind to it, and fail
:miserably because only root can bind to port 53.
:
:Solution 1: don't run named as bind:bind (and consequently back out
:  revision 1.64 of src/etc/rc.conf and revisions 1.33 and 1.32 of
:  src/etc/mtree/BSD.root.dist)
:
:Solution 2: hack bind to temporarily regain privs when HUPed.
:
:DES
:-- 
:Dag-Erling Smorgrav - des@flood.ping.uio.no
:
:


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812150243.SAA50480>