Date: Mon, 4 Oct 2004 18:25:31 -0700 (PDT) From: Doug Barton <DougB@FreeBSD.org> To: Jose M Rodriguez <josemi@freebsd.jazztel.es> Cc: freebsd-current@freebsd.org Subject: Re: New BIND 9 chroot directories Message-ID: <20041004181933.H96420@bo.vpnaa.bet> In-Reply-To: <200410042343.19211.freebsd@redesjm.local> References: <4160259A.3070708@FreeBSD.org> <200410041734.53316.freebsd@redesjm.local> <200410042343.19211.freebsd@redesjm.local>
next in thread | previous in thread | raw e-mail | index | archive | help
This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
--0-895023347-1096939531=:96420
Content-Type: TEXT/PLAIN; charset=iso-8859-1; format=flowed
Content-Transfer-Encoding: 8BIT
On Mon, 4 Oct 2004, Jose M Rodriguez wrote:
> El Lunes, 4 de Octubre de 2004 22:10, Doug Barton escribió:
> Really good work. But, this is really needed?
> I can't see why.
Because running bind chrooted is considerably safer, and the defaults
should be as safe as possible unless it is an inconvenience to the
majority of our users. In this case you are arguing against the change
because it is a temporary inconvenience to you. That's not a good enough
reason. :)
The entry in UPDATING already says, "If you are running a custom named
config already, go look at the defaults." We expect users doing more
advanced things to have more advanced skills. If they don't, they should
probably use the defaults.
As for your other message about names of directories, layouts, etc.,
feel free to edit the BIND.chroot.dist mtree file, and you can have
whatever you want. For that matter, edit /etc/rc.d/named if it will make
you feel better. No one is "forcing" you to do anything. You have all
the bits directly at hand, and the ability to do whatever you want with
them.
Enjoy,
Doug
--
This .signature sanitized for your protection
--0-895023347-1096939531=:96420--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041004181933.H96420>