Re: New BIND 9 chroot directories

From: Makoto Matsushita <matusita_at_jp.FreeBSD.org>
Date: Tue, 05 Oct 2004 11:48:34 +0900
I'm seriously considering to change my named configuration to using
chroot sandbox.  Generally, I'm agree with recent named changes.
However I have one thing unclear about current /var/named.

DougB> Because running bind chrooted is considerably safer, and the
DougB> defaults should be as safe as possible unless it is an
DougB> inconvenience to the majority of our users.

As a result, all files using named(8) is under "/var," which is
characterized "multi-purpose log, temporary, transient, and spool
files" directory (see hier(7)).  Yes, the named configuration file (I
believe it is considered generally as important), master zone files
(also important, at least for me), are located under "/var."

So here's my question to all "running named with chroot sandobx"
users: are you ok with such important file is under /var?

-- -
Makoto `MAR' Matsushita
Received on Tue Oct 05 2004 - 00:48:37 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:15 UTC