fedora-devel-list@redhat.com
[Top] [All Lists]
<prev [Date] next>
<prev [Thread] next>

Re: bind-chroot obsolete due to SElinux?

from [Tomasz Kłoczko]
Subject: Re: bind-chroot obsolete due to SElinux?
From: Tomasz Kłoczko
Date: Mon, 06 Mar 2006 23:28:18 +0100 
Dnia 06-03-2006, pon o godzinie 22:20 +0000, David Woodhouse napisaÅ(a):
> On Sat, 2006-03-04 at 14:14 -0500, Chris Tyler wrote:
> > Should we consider bind-chroot obsolete, since SElinux should be able
> > to provide similar protection (preventing named from touching files it
> > should not, even if compromised)?
> 
> Most definitely not. Chroot is simple and effective; I've still never
> been able to install and use SElinux without it breaking things.
> 

BTW bind.
Anyone work on fix Fedora bind for make this package FHS compliant ?
Current base directory for bind files is /var/named and acording to FHS
specification it will be better use /var/lib/named.

kloczek


-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: bind-chroot obsolete due to SElinux?, David Woodhouse
Next by Date:  Re: BIND and FHS, Dax Kelson
Previous by Thread:  Re: bind-chroot obsolete due to SElinux?, David Woodhouse
Next by Thread:  Re: BIND and FHS, Dax Kelson
Indexes:  [Date] [Thread] [Top] [All Lists]