chrooting bind9
I'm setting up my new server, based on Debian Woody.
I'm setting bind9 in a chroot jail.
There are two chances to do this:
1) using parameter --chroot of 'start-stop-daemon'
2) using parameter -t of bind
In both ways I have to use -u parameter of bind to change user, otherwise
it can't get privileged resources as the 'domain' socket.
Is there a difference in security with one method resspect to the other?
(I used makejail from testing to build up the structure of the jail).
Thank you in advance
Stefano Salvi
=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=o=
_|_
----O----
Ing. Stefano Salvi mailto:s.salvi@libero.it
Viale L. Vaschi, 15 mailto:stefano.salvi@inwind.it
46100 Mantova (MN) mailto:salvi@itis.mn.it
+39 0376 321572 http://digilander.iol.it/salvis/
+39 0347 3820490 http://www.salvi.mn.it/stefano/
Reply to: