From owner-freebsd-security  Sun Jul 25 22: 4:32 1999
Delivered-To: freebsd-security@freebsd.org
Received: from apollo.backplane.com (apollo.backplane.com [209.157.86.2])
	by hub.freebsd.org (Postfix) with ESMTP id BDA2D151C9
	for <security@FreeBSD.ORG>; Sun, 25 Jul 1999 22:04:30 -0700 (PDT)
	(envelope-from dillon@apollo.backplane.com)
Received: (from dillon@localhost)
	by apollo.backplane.com (8.9.3/8.9.1) id WAA42888;
	Sun, 25 Jul 1999 22:02:19 -0700 (PDT)
	(envelope-from dillon)
Date: Sun, 25 Jul 1999 22:02:19 -0700 (PDT)
From: Matthew Dillon <dillon@apollo.backplane.com>
Message-Id: <199907260502.WAA42888@apollo.backplane.com>
To: Mike Hoskins <mike@snafu.adept.org>
Cc: Sue Blake <sue@welearn.com.au>, security@FreeBSD.ORG
Subject: Re: sandbox??
References:  <Pine.BSF.4.10.9907251539570.24644-100000@snafu.adept.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

:I run BIND in a sandbox on my 3.2-R and 4.0-C systems and it works great.
:Rather than setting up a non-standard chroot() area I just kept
:/etc/namedb around, did a 'chgrp bind /etc/namedb', 'chmod 774
:/etc/namedb', and added a 'pid-file "/etc/namedb/named.pid";' entry to
:named.conf so named wouldn't need access to /var/run.
:
:Mike Hoskins
:<mike@adept.org>

    Ouch, I wouldn't do that!  Leave the files and directories that named
    only reads owned by root and modes 644 or 755.  Only files and directories
    that named *writes* needs to be owned by the sandbox... that usually means
    the secondary zone directory, which I usually create a subdirectory for.

    For the same reason, named and its support binaries should be owned by
    root even if run as user bind.

					-Matt
					Matthew Dillon 
					<dillon@backplane.com>



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message