[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] regarding named running as root after pkg update...

Subject: Re: [cobalt-users] regarding named running as root after pkg update...
From: SM <nntp@xxxxxxxxx>
Date: Fri Mar 23 14:45:33 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

At 22:54 23-03-2001 -0000, you wrote:
>However, one way to combat this is to run the server under a less-privileged
>user, in the case named, so that should a future exploit be found, you would
>be _less_ vulnerable to further damage arising from the dumping of your
>hacker at the shell prompt. Of course, they could still have shell access,
>but at least they're not running with root privileges.

That is correct.  This is why named (BIND) should drop root privileges once
it is started.

-sm

References:
- [cobalt-users] regarding named running as root after pkg update...
  - From: shimi
- Re: [cobalt-users] regarding named running as root after pkg update...
  - From: Glen Scott
- Re: [cobalt-users] regarding named running as root after pkg update...
  - From: Jonathan Michaelson

Prev by Date: Re: [cobalt-users] Zone Transfers
Next by Date: Re: [cobalt-users] [root access with ProFTPD]
Previous by thread: Re: [cobalt-users] regarding named running as root after pkg update...
Next by thread: [cobalt-users] Bandwidth Monitor

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index