
Re: To the bind maintainer



"Glen S Mehn" <gmehn@concentric.net> writes:

> While we're pitching in, I have to agree with mstone as well.
> 
> Security and stability are an important part of why folks come to Debian/GNU
> Linux.
> 
> The postinstall script could even suggest running bind as root for, say,
> laptops, IP tunnelling stuff, etc. There's enough of that going around.

Or machines using plip or other point to point connections, or IP masquerading
boxes, or with vmware installed, or any other emulator using ethertap
devices... Or any machine that might do any of these things in the future.

Are there any known buffer overflow attacks against our current named?
If there was, and it was running as a non-root user, would being vulnerable to
a DOS attack and being open to non-root attacks be acceptable?

If there were any actual security gains then it might make sense to disable
useful features for the security gains. As it is, it merely downgrades a
hypothetical attack from a root-obtaining-exploit to a remote exploit that
doesn't obtain root but is a DOS and obtains non-root access to the machine.

If you want to improve security you should implement a kernel interface for
non-root users to be able to do what named does. Then propose this again.

-- 
greg

