Bugtraq mailing list archives
Re: bind running as root in Mandrake 7.0
From: philarete () MINDSPRING COM (Brock Sides)
Date: Sat, 3 Jun 2000 20:53:13 -0500
Nicolas MONNET wrote:
bind is run as user / group 'root' in Mandrake 7.0, and probably in Redhat6.x as well. This is a surprising (if not stupid) setting given the fact that sploits exist that easily break out of any chroot jail in such a case; and that switching users is as easy as adding an option to named. Esp. given the infuriatingly poor security track record of named ... Indeed, here's a simple patch against /etc/rc.d/init.d/named that I strongly suggest applying. It does'nt seem to cause any problem for me.
RedHat 6.2 runs BIND as user/group "named", IIRC. Your patch will break things if you're running a slave nameserver, unless you also chown /var/named (or wherever you're keeping your automatically generated zone files) to the user you're running named as. Brock Sides philarete () mindspring com
Current thread:
- Re: Remote DoS attack in Real Networks Real Server (Strike #2) vulnerability Ryan Russell (Jun 01)
- Re: Remote DoS attack in Real Networks Real Server (Strike #2) vulnerability Christopher Schulte (Jun 02)
- bind running as root in Mandrake 7.0 Nicolas MONNET (Jun 03)
- Re: bind running as root in Mandrake 7.0 Brock Sides (Jun 03)
- Re: bind running as root in Mandrake 7.0 White Vampire (Jun 03)
- Re: bind running as root in Mandrake 7.0 Andrew L . Davis (Jun 04)
- Re: bind running as root in Mandrake 7.0 Elias Levy (Jun 08)
- Circumventing Outlook Security Update File Download Security With IFRAMEs cassius () HUSHMAIL COM (Jun 09)
- Re: bind running as root in Mandrake 7.0 Nathan Neulinger (Jun 11)
- Remote DoS for Mercur 3.2 |[TDP]| (Jun 13)
- Vulnerability in Solaris ufsrestore Job de Haas (Jun 14)
- <Possible follow-ups>
- Re: Remote DoS attack in Real Networks Real Server (Strike #2) Vulnerability Christopher Schulte (Jun 02)