Date: Sun, 6 Jan 2002 11:23:45 -0800 From: "Crist J. Clark" <cristjc@earthlink.net> To: Joe Abley <jabley@automagic.org> Cc: Haikal Saadh <wyldephyre2@yahoo.com>, stable@FreeBSD.ORG Subject: Re: Chrooted bind out of the box Message-ID: <20020106112345.B237@gohan.cjclark.org> In-Reply-To: <20020105222558.A95067@buffoon.automagic.org>; from jabley@automagic.org on Sat, Jan 05, 2002 at 10:26:01PM -0500 References: <000001c195b1$db087880$41c801ca@warhawk> <20020105140846.D204@gohan.cjclark.org> <20020105222558.A95067@buffoon.automagic.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Jan 05, 2002 at 10:26:01PM -0500, Joe Abley wrote:
> On Sat, Jan 05, 2002 at 02:08:46PM -0800, Crist J. Clark wrote:
> > On Sat, Jan 05, 2002 at 11:26:00AM +0500, Haikal Saadh wrote:
> > > Is there a reason why bind is run as root by default and not bind.bind?
> > > And not chrooted?
> > >
> > > If I'm not mistaken almost everyone does this anyway, right?
> >
> > IIRC, the last time it was discussed, it was felt changing this in the
> > middle of -STABLE would be too disruptive. Many working BIND
> > installations would break when people updated.
>
> Why not create a named_chroot variable in defaults/rc.conf which
> is by default set to NO, but which sysinstall can override in
> /etc/rc.conf with a YES for fresh (non-upgrade) installs?
/etc/defaults/rc.conf are the defaults. Not everyone makes a new
system with sysinstall(8), and having sysinstall(8) put new and
unexpected things in rc.conf is in itself a POLA vilolation.
I was talking more about running named(8) as bind:bind. Chrooting has
other issues, you need to actually build a chroot environment
somewhere and decide what to put in it, and you still need to run as
bind:bind for chrooting to be much of a security measure.
Running named(8) as bind:bind by default is easiest done by changing
the named_bind flags. As I said, changing the default would break
stuff, but if you look at /etc/defaults/rc.conf in -STABLE,
named_flags="" # Flags for named
#named_flags="-u bind -g bind" # Flags for named
So the hint is already there. And if you look at -CURRENT,
named_flags="-u bind -g bind" # Flags for named
It already runs that way by default.
But if you really want to be clever, you should run named(8) in a
jail(8).
--
"It's always funny until someone gets hurt. Then it's hilarious."
Crist J. Clark | cjclark@alum.mit.edu
| cjclark@jhu.edu
http://people.freebsd.org/~cjc/ | cjc@freebsd.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020106112345.B237>