SUMMARY: user/group named

From: Mike's List <>
Date: Mon Jun 17 2002 - 13:48:30 EDT
ALL replied with, it's a good idea to create a user/group named and runs
BIND in a chroot environment --more secure in case BIND needs patching,
but you haven't got a chance to.  Also, if/when BIND is compromise,
user/group named gives another layer of security to protect root's access.

So it's not just a matter of preference but good security practice.
Thanks to all that replied.

- Mike

On Fri, 14 Jun 2002, Mike's List wrote:

> I'm about to bring a DNS system online and wanted to get some feedback.
> -- Most Solaris system I've seen, named just runs/owns by root.
> -- Most Linux (ie. Redhat) I've seen, named runs/owns by named
>    (user and group) --only /var/named and everything below owns
>    by named (user and group).
> My question is, does it matter if named is own by root or named? I can see
> why Redhat/Linux is set so there's a user named and group named for another
> layer of security, but how big of a deal if named is run/own by root? or is
> this just "matter of preference"?
> Thanks.
> - Mike
sunmanagers mailing list
Received on Mon Jun 17 13:56:36 2002

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:42:46 EST