RE: bind9 in a chroot ?

From: Mike Roest (bsd-lists@blahz.ab.ca)
Date: 04/25/02

• Next message: VB: "Re: patching holes Hmmmm"
• Previous message: Moti: "bind9 in a chroot ?"
• In reply to: Moti: "bind9 in a chroot ?"
• Next in thread: SecLists: "RE: bind9 in a chroot ?"
• Reply: SecLists: "RE: bind9 in a chroot ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Mike Roest" <bsd-lists@blahz.ab.ca>
To: "'Moti'" <moti@flncs.com>, <freebsd-security@freebsd.org>
Date: Thu, 25 Apr 2002 11:43:08 -0600

Yep it is running in the chroot. The -t /etc/chroot shows that. I
think that's the only real way to tell

--Mike

-----Original Message-----
From: owner-freebsd-security@FreeBSD.ORG
[mailto:owner-freebsd-security@FreeBSD.ORG] On Behalf Of Moti
Sent: Thursday, April 25, 2002 9:55 AM
To: freebsd-security@freebsd.org
Subject: bind9 in a chroot ?

o.k
i followed the instructions and i'm quite sure i have it all right ( dns
working and all )
question is : how do i verify that my bind is really running chrooted ?
will ps -auxw |grep named output -> bind 170 0.0 2.1 3228 2604 ??
Ss
11:52AM 0:00.12 /usr/local/sbin/named -u bind -c
/etc/namedb/named.conf -t
/etc/chroot
be enough ?
Moti

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: VB: "Re: patching holes Hmmmm"
• Previous message: Moti: "bind9 in a chroot ?"
• In reply to: Moti: "bind9 in a chroot ?"
• Next in thread: SecLists: "RE: bind9 in a chroot ?"
• Reply: SecLists: "RE: bind9 in a chroot ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: BIND in chroot jail ... > I see the bind user is defined as BIND Sandbox, ... running Bind9 in a chroot jail is really quite easy. ... of all, with Bind9, there's no need to install the software under the ... (freebsd-questions) Re: Only an ftp account ... You may also want to add that user to /etc/ftpchroot which will chroot ... them to their home directory. ... > How would I be able to give an account to someone where they can only ... with "unsubscribe freebsd-security" in the body of the message ... (FreeBSD-Security) Re: DNS Question ... chroot to communicate with a daemon outside the chroot, ... I worry about my child and the Internet all the time, ... Here's what I worry about. ... with "unsubscribe freebsd-security" in the body of the message ... (FreeBSD-Security) Re: FreeBSD 4.3 local root PREVENTIONS ... compile it exploit ... then run chroot /path_to/test ./vv ... with "unsubscribe freebsd-security" in the body of the message ... (FreeBSD-Security) Re: Preventing FTP user accessing other directories ... ProFTPd also allows easy configuration ... >> We need to setup FTP for users to copy files from our UNIX box. ... do 'man ftpd' and look for 'chroot' or '/etc/ftpchroot'. ... with "unsubscribe freebsd-security" in the body of the message ... (FreeBSD-Security)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint