|
|
SUMMARY: user/group named: msg#00089os.solaris.managers.summaries
ALL replied with, it's a good idea to create a user/group named and runs BIND in a chroot environment --more secure in case BIND needs patching, but you haven't got a chance to. Also, if/when BIND is compromise, user/group named gives another layer of security to protect root's access. So it's not just a matter of preference but good security practice. Thanks to all that replied. - Mike On Fri, 14 Jun 2002, Mike's List wrote: > I'm about to bring a DNS system online and wanted to get some feedback. > > -- Most Solaris system I've seen, named just runs/owns by root. > -- Most Linux (ie. Redhat) I've seen, named runs/owns by named > (user and group) --only /var/named and everything below owns > by named (user and group). > > My question is, does it matter if named is own by root or named? I can see > why Redhat/Linux is set so there's a user named and group named for another > layer of security, but how big of a deal if named is run/own by root? or is > this just "matter of preference"? > > Thanks. > > > - Mike |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | SUMMARY: Network degradation with a dual-homed E4500: 00089, Josh Glover |
|---|---|
| Next by Date: | SUMMARY: Problems with Solaris 8, RAID Manager 6.22 & SBU/LGT SCS I Passthru Drivers: 00089, Caparroso, Nelson T. (AAS) |
| Previous by Thread: | SUMMARY: Network degradation with a dual-homed E4500i: 00089, Josh Glover |
| Next by Thread: | SUMMARY: Problems with Solaris 8, RAID Manager 6.22 & SBU/LGT SCS I Passthru Drivers: 00089, Caparroso, Nelson T. (AAS) |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |