[Pdns-users] Problem with chroot and local resolving and anot her problem with guardian

Norbert Sendetzky norbert at linuxnetworks.de
Wed Jul 9 10:16:42 UTC 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wednesday 09 July 2003 10:06, Bauer, Georg wrote:
> Absolutely no comments on this? Actually I think this is a rather
> serious problem, as it makes some security measure rather
> pointless, if you have to set up your system combined with non-PDNS
> nameservers and have to rely on AXFRs.

I've done a quick test using chroot and didn't get it working too, but 
I think setting the chroot option doesn't do the job. Which files and 
directories are needed in the jail for chroot'ed startup? The 
pdns.controlsocket and the dynamic libraries seems to be very strong 
candidates. Anything else?

If I set chroot to "./" like described in the docs, what directory is 
used for the jail?


Norbert

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj8L640ACgkQxMLs5v5/7eAfvQCfQKmUNzgsJEqnODpeC5MTrjZE
So8An0AIIz2kf4zpC92m/wHY2NgOWLxy
=vHVs
-----END PGP SIGNATURE-----



More information about the Pdns-users mailing list