Bugtraq mailing list archives

Re: bind running as root in Mandrake 7.0


From: whitevampire () MINDLESS COM (White Vampire)
Date: Sat, 3 Jun 2000 22:35:23 -0400


On Sat, Jun 03, 2000 at 04:03:51PM +0200, Nicolas MONNET(nico () MONNET TO) wrote:
: bind is run as user / group 'root' in Mandrake 7.0, and probably in
: Redhat6.x as well. This is a surprising (if not stupid) setting given the
: fact that sploits exist that easily break out of any chroot jail in such a
: case; and that switching users is as easy as adding an option to
: named. Esp. given the infuriatingly poor security track record of named
: ...
: 
: Indeed, here's a simple patch against /etc/rc.d/init.d/named that I
: strongly suggest applying. It doesn't seem to cause any problem for me.
: 
: *** named.orig        Sat Jun  3 15:55:00 2000
: --- named     Fri Jun  2 22:04:10 2000
<snip>

        This is a valid concern, although your fix is a bit
lacking.  Anybody who is serious about security and wants to run a DNS
should take some basic security precautions.  Those being, chroot jail,
and a 'named' user (or at least running as a non-root user).

        Those interested in more information and some good procedures
should read this
HOWTO: http://metalab.unc.edu/pub/Linux/docs/HOWTO/Chroot-BIND-HOWTO.

Regards,

-- 
    __      ______   ____
   /  \    /  \   \ /   / White Vampire\Rem
   \   \/\/   /\   Y   /  http://www.projectgamma.com/
    \        /  \     /   http://www.webfringe.com/
     \__/\  /    \___/    http://www.gammaforce.org/
          \/ "Silly hacker, root is for administrators."
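
The two precautions named in this reply (a non-root user and a chroot jail) can be checked from the process table. The following is an added example, not part of the original message: it assumes `ps -eo user,args` style input and named's `-t` option for the chroot directory, and the sample lines are constructed.

```shell
#!/bin/sh
# Audit process-table lines ("USER COMMAND [ARGS...]") for named instances
# that still run as root or were started without a chroot directory (-t).
# Live use (assumption: procps-style ps):  ps -eo user,args | audit_named

audit_named() {
    while read -r user cmd args; do
        # Only look at processes whose executable is called "named".
        case "${cmd##*/}" in
            named) ;;
            *) continue ;;
        esac
        line="$cmd${args:+ $args}"
        has_t=no
        set -f                      # no globbing while splitting the arguments
        for a in $args; do
            case "$a" in
                -t*) has_t=yes ;;   # -t <dir> or -t<dir>: chroot directory
            esac
        done
        set +f
        if [ "$user" = root ]; then
            echo "FAIL root: $line"
        elif [ "$has_t" = no ]; then
            echo "WARN no-chroot: $line"
        else
            echo "OK: $line"
        fi
    done
}

# Constructed sample input, not captured from a real host.
sample_ps() {
    cat <<'EOF'
USER     COMMAND
root     /usr/sbin/named
named    /usr/sbin/named -u named
named    /usr/sbin/named -u named -t /chroot/named
root     /sbin/syslogd -m 0
EOF
}

sample_ps | audit_named
```

A FAIL line means the daemon kept root privileges; a WARN line means it dropped them but is not confined to a jail.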



