chrooting BIND [was -Re: Here I am again, hat in hand with humble demeanor.......]
Doug Barton
dougb at dougbarton.us
Mon Sep 27 23:10:00 UTC 2010
On 9/27/2010 7:46 AM, Jerry Kemp wrote:
> IMHO, the primary benefit of chrooting is security.
>
> another, less painful option, again IMHO, is to run BIND in a jail if
> you are using BSD,
The default configuration in FreeBSD is to run it chroot'ed. Given that
it's very unlikely that the chroot will be broken, IMO running it in a
jail for security reasons is overkill.
hth,
Doug
--
... and that's just a little bit of history repeating.
-- Propellerheads
Improve the effectiveness of your Internet presence with
a domain name makeover! http://SupersetSolutions.com/
More information about the bind-users
mailing list