[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Running Bind as non Root

Subject: Re: [cobalt-users] Running Bind as non Root
From: Rik Thomas <rikt@xxxxxxxxxxxxxxxx>
Date: Thu Aug 23 04:20:34 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

On Thu, 23 Aug 2001, Ja wrote:

>  Hi,
>  I just installed bind-update.pkg  and it runs under user "root". I heard that named should not run as user "root". Could someone
> provide an alterative answer and maybe a resolution?
>
> thanks
>
> Ja

While I don't advocate running your dns on a cobalt server many do and do
it quite well.  I used this article when working on my name serves as a
how to and to better educate myself on bind and it's related problems.

http://www.sans.org/infosecFAQ/DNS/sec_BIND.htm

disclaimer, I have no idea if all of this would work on a cobalt box.  But
it should work.

Remember, if someone hacks a service that runs as root they get root
access with all of it's privledges.  If you run something as named and
only give it access to one particular directory and files with very
limited rights on your machine then they only inherit named access, a
great enhancer to your security.

-- 
Rik Thomas
rikt@xxxxxxxxxxxxxxxx http://SmartBackups.com
Is your Website Smart? Automated Website backups.  Free 30Day trial!
Ph: 302.672.7314 Fx: 302.672.7315 ICQ: 879956

References:
- [cobalt-users] Running Bind as non Root
  - From: Ja

Prev by Date: [cobalt-users] Raq4i DNS + EasyDNS
Next by Date: [cobalt-users] Mail::Mailer
Previous by thread: Re: [cobalt-users] Running Bind as non Root
Next by thread: Re: [cobalt-users] Running Bind as non Root

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index