Date: Fri, 12 Nov 1999 09:22:52 -0500 (EST) From: Bill Fumerola <billf@chc-chimes.com> To: Brett Glass <brett@lariat.org> Cc: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>, security@FreeBSD.ORG Subject: Re: Why not sandbox BIND? Message-ID: <Pine.BSF.4.10.9911120922190.85007-100000@jade.chc-chimes.com> In-Reply-To: <4.2.0.58.19991111220759.044f46d0@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 11 Nov 1999, Brett Glass wrote: > I assume you mean rc.conf, not named.conf. > > In any case, maybe there should be a "sandbox BIND" flag in rc.conf > that selects a sandboxed configuration and is on by default. > Also, it'd be nice to have the user "named" already in /etc/passwd > and ready to go. bind:*:53:53::0:0:Bind Sandbox:/:/sbin/nologin You mean like that in src/etc/master.passwd? -- - bill fumerola - billf@chc-chimes.com - BF1560 - computer horizons corp - - ph:(800) 252-2421 - bfumerol@computerhorizons.com - billf@FreeBSD.org - To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9911120922190.85007-100000>