chrooting bind
Mark.Andrews at nominum.com
Mark.Andrews at nominum.com
Thu Aug 16 22:56:49 UTC 2001
>
> Maybe I am missing something here, but according to the bind9ARM, using the -
> t
> flag to bind still requires you to set up a sandbox just as if you were going
> to chroot the binary:
The is potential for an OS to delay loading some libraries until
particular functions are called. We believe that all such
functions (e.g. getpwnam()) are called before we chroot()
but there is alway potential for the OS vendors to change
things.
Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-users
mailing list