From owner-freebsd-stable Sat Sep 21 21:57:46 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 15D3737B401 for ; Sat, 21 Sep 2002 21:57:45 -0700 (PDT) Received: from lariat.org (lariat.org [63.229.157.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 54D3043E6E for ; Sat, 21 Sep 2002 21:57:44 -0700 (PDT) (envelope-from brett@lariat.org) Received: from mustang.lariat.org (IDENT:ppp1000.lariat.org@lariat.org [63.229.157.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id WAA02753; Sat, 21 Sep 2002 22:56:57 -0600 (MDT) X-message-flag: Warning! Use of Microsoft Outlook is dangerous and makes your system susceptible to Internet worms. Message-Id: <4.3.2.7.2.20020921224956.027c1850@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Sat, 21 Sep 2002 22:56:56 -0600 To: Phil Kernick From: Brett Glass Subject: Re: Suggested modification to default install Cc: The Anarcat , freebsd-stable@FreeBSD.ORG In-Reply-To: <3D8D07E5.6010609@Kernick.org> References: <4.3.2.7.2.20020920095347.00b15f00@localhost> <20020510194022.D77057@lpt.ens.fr> <000701c1f804$47d5dc00$6401a8c0@penguin> <20020510140222.M57329@lpt.ens.fr> <15580.1017.276905.556906@guru.mired.org> <20020510194022.D77057@lpt.ens.fr> <4.3.2.7.2.20020920095347.00b15f00@localhost> <4.3.2.7.2.20020921145846.026efc50@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG At 05:59 PM 9/21/2002, Phil Kernick wrote: >But by your own logic, the permanent configuration should be in /etc which is where all the configuration file live. Not all. There are also configuration files in /usr/local/etc. Even though BIND is part of the base install, there are good arguments for moving it out to /usr/local (the primary ones being the same as for doing likewise with SSH). >/usr/local is where all of the ports put their stuff. Not just ports. Anything that's really not part of the OS goes there. Now that so many folks use BIND 9 or djbdns, I think that BIND qualifies.... >It's even reasonable to consider that the actual configuration is really named.conf, and the zone files are extras. Well, kinda sorta. Another way to look at it is that if BIND is sandboxed (which it should be!) its home directory should be in the same partition as the other home directories: /usr. >I've always really hated this approach. /usr is where the vendor supplied binaries should live, and should be able to be mounted read only to ensure that they can't easily get trojaned. > >That's why I *always* make /home a separate partition and /usr/local is *always* somewhere else (symlinked back) because both need to be written while /usr never does. I'm sure we could significantly improve security just by doing this. There are good arguments for putting home directories in /var. But as it currently stands, the convention is to put them in /usr. (I don't want to get involved in a discussion of redesigning the UNIX file system conventions here; that could go on forever. I'd like to focus on two goals: making root a synchronous partition and moving BIND's directories out of it (regardless of where they go). >While I disagree with the directory, Maybe we could make it an option? >I do agree that bind should be sandboxed by default. I agree with this. It could be done together with the move. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message