Where can i find THe BIND folder?
Chasecreek Systemhouse
chasecreek.systemhouse at gmail.com
Fri Jan 13 14:19:06 UTC 2006
On 1/13/06, Paul Howarth <paul at city-fan.org> wrote:
> Chasecreek Systemhouse wrote:
> > On 1/13/06, Justin Willmert <justin at jdjlab.com> wrote:
> >
> >
> >>/var/named/chroot/etc/named.conf (config file)
> >>/var/named/chroot/var/named/ (zone files dir)
> >
> >
> > It should not be chrooted if SELinux is enabled.
>
> Whyever not?
>
> > And SELinux is more secure than a chrooted name server.
>
> And chrooted+SELinux is more secure still. Layers of defence and all that.
LOL =)
In case no one read the named man page -- improperly set-up named
servers running as root can break out of chroot jail.
--
WC -Sx- Jones | http://ccsh.us/ | Open Source Consulting
More information about the fedora-list
mailing list