ALL replied with, it's a good idea to create a user/group named and runs BIND in a chroot environment --more secure in case BIND needs patching, but you haven't got a chance to. Also, if/when BIND is compromise, user/group named gives another layer of security to protect root's access. So it's not just a matter of preference but good security practice. Thanks to all that replied. - Mike On Fri, 14 Jun 2002, Mike's List wrote: > I'm about to bring a DNS system online and wanted to get some feedback. > > -- Most Solaris system I've seen, named just runs/owns by root. > -- Most Linux (ie. Redhat) I've seen, named runs/owns by named > (user and group) --only /var/named and everything below owns > by named (user and group). > > My question is, does it matter if named is own by root or named? I can see > why Redhat/Linux is set so there's a user named and group named for another > layer of security, but how big of a deal if named is run/own by root? or is > this just "matter of preference"? > > Thanks. > > > - Mike _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Mon Jun 17 13:56:36 2002
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:46 EST