Date: Mon, 14 Dec 1998 19:16:52 -0800 (PST) From: dima@best.net (Dima Ruban) To: dillon@apollo.backplane.com (Matthew Dillon) Cc: des@flood.ping.uio.no, committers@FreeBSD.ORG Subject: Re: Bind sandbox bogosity Message-ID: <199812150316.TAA20006@burka.rdy.com> In-Reply-To: <199812150243.SAA50480@apollo.backplane.com> from Matthew Dillon at "Dec 14, 1998 6:43:56 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Matthew Dillon writes: > The first problem is a non-problem, i.e. a bogus > warning because HUPing named does not change it's > pid. > > The second problem is real, and I did mention it. However, > my feeling is that running named in a sandbox is a basic > security precaution that must be taken and that the vast > majority of configurations will not have a problem with > it. It would be nice if there were a way to turn off > the interface scanning junk, though. named is the only > major program I know that does that (a Vixie bogosity, > in my view). sendmail is the other one. > > -Matt > > Matthew Dillon Engineering, HiWay Technologies, Inc. & BEST Internet > Communications & God knows what else. > <dillon@backplane.com> (Please include original email in any response) > -- dima To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812150316.TAA20006>