5177610 2000-06-08 23:03 /76 lines/ Postmaster
Recipient: Bugtraq (import) <11223>
Subject: Re: bind running as root in Mandrake 7.0
------------------------------------------------------------
Approved-By: aleph1@SECURITYFOCUS.COM
Delivered-To: bugtraq@lists.securityfocus.com
Delivered-To: bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID: <20000608114025.F2693@securityfocus.com>
Date: Thu, 8 Jun 2000 11:40:25 -0700
Reply-To: aleph1@SECURITYFOCUS.COM
Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
From: Elias Levy <aleph1@SECURITYFOCUS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20000604173901.A30077@halfpricehosting.com>

This is a summary of the last responses in this thread. I am killing this
thread here.

Jim Knoble <jmknoble@pint-stowp.cx>:

Those really interested in a secure DNS server ought to forget trying to
secure BIND and use D. J. Bernstein's dnscache package instead:

  http://cr.yp.to/dnscache.html

Its "regular" DNS server, tinydns, runs as a non-root user in a chrooted
environment by default. Read the website for more info about security,
dnscache, and BIND.

Thomas Novin <thnov@thalamus.se>:

> Debian Slink and Potato (frozen) both install BIND 8.2.2R5 as root.

Slackware also, as long as I can remember. Same goes for the latest
version, 7.0-current.

"Andrew L . Davis" <adavis@THREKSTUN.NET>:

> Debian Slink and Potato (frozen) both install BIND 8.2.2R5 as root.

There was a long standing discussion on this which basically boils down to
the fact that if you obtain your address dynamically or have dynamic
interfaces (some form of PPP or anything on PCMCIA) you have to run it as
root in order for bind to use these interfaces. bind does not bind
0.0.0.0:53. It for one or another reason binds every interface separately.
Hence if an interface is not available at bind start time and bind does not
run as root the interfaces are not rebound. So running as non-root will not
work in some cases.

They may be covered in any of the listed distros but this means making
bind, all dhcp-clients, pcmcia, ppp, ad nauseam depend on each other and
mess with each other's init scripts. For now I do not know of a distro
that does this.

Nicolas MONNET <nico@MONNET.TO>:

Red Hat 6.0 runs named as root.root. Red Hat 6.2 runs named as named.named.

Andreas Hasenack <andreas@conectiva.com.br>:

That fix also doesn't take into consideration that named can dump some
statistics files, such as named.memstat, named.stats and named_dump.db.
named follows symlinks, and therefore those files shouldn't be dumped in a
world writable directory such as /var/tmp (although we are now running as
an unprivileged user). One should create another directory, give the right
permissions to it and let named dump those files there. For example, the
following lines in named.conf's options section:

  dump-file "/var/named/dump/named_dump.db";
  statistics-file "/var/named/dump/named.stats";
  memstatistics-file "/var/named/dump/named.memstats";

And make that directory so that the "named" user can create files there.

--
Elias Levy
SecurityFocus.com
http://www.securityfocus.com/
Si vis pacem, para bellum
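As an added example that is not part of Levy's summary or any of the quoted posts, the following POSIX shell audit checks the dump-file, statistics-file and memstatistics-file directives Hasenack describes: each target directory must exist, be owned by the user named runs as, and not be world-writable, since named follows symlinks. It assumes the plain `directive "path";` layout shown in the post and takes the named.conf path and the unprivileged user name as arguments.

```shell
#!/bin/sh
# Added example, not from the post: audit the dump-file, statistics-file and
# memstatistics-file directives of a named.conf. Each target directory must
# exist, be owned by the user named runs as, and not be world-writable, so a
# symlink planted there cannot redirect named's dump onto another file.
# Paths containing whitespace are not supported by this simple parser.

# dump_paths CONF: print the quoted path of each of the three directives.
dump_paths() {
    sed -nE 's/^[[:space:]]*(dump-file|statistics-file|memstatistics-file)[[:space:]]+"([^"]+)".*/\2/p' "$1"
}

# check_dump_paths CONF USER: returns 0 when every dump path is safe and 1
# otherwise, printing one OK/WARN line per directive.
check_dump_paths() {
    conf=$1; user=$2; rc=0
    for f in $(dump_paths "$conf"); do
        dir=$(dirname "$f")
        if [ ! -d "$dir" ]; then
            echo "WARN $f: directory $dir does not exist"; rc=1; continue
        fi
        # Portable mode/owner read: field 1 is the mode string, field 3 the owner.
        set -- $(ls -ld "$dir")
        mode=$1; owner=$3
        case $mode in
            ????????w*) echo "WARN $f: $dir is world-writable"; rc=1 ;;
            *) if [ "$owner" != "$user" ]; then
                   echo "WARN $f: $dir is owned by $owner, not $user"; rc=1
               elif [ -L "$f" ]; then
                   echo "WARN $f: already exists as a symlink"; rc=1
               else
                   echo "OK   $f"
               fi ;;
        esac
    done
    return $rc
}

# Usage: sh named-dump-audit.sh /etc/named.conf named
if [ $# -eq 2 ]; then
    check_dump_paths "$1" "$2"
fi
```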