mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-29 13:38:26 +00:00
Code Issues Releases Wiki Activity

mention that threads & setuid work with Linux 2.2.18.

Browse Source
This commit is contained in:
Brian Wellington 2001-04-13 06:26:26 +00:00
parent ddb8f23a09
commit aa6db091d0
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
FAQ
View File

@ -13,10 +13,10 @@ can on all other supported platforms. setuid() cannot be called before
creating threads, since the server does not start listening on reserved ports
until after threads have started.
In the 2.3.99-pre3 and newer kernels, the ability to preserve capabilities
across a setuid() call is present. This allows BIND 9 to call setuid() early,
while retaining the ability to bind reserved ports. This is a Linux-specific
hack.
In the 2.2.18 or 2.3.99-pre3 and newer kernels, the ability to preserve
capabilities across a setuid() call is present. This allows BIND 9 to call
setuid() early, while retaining the ability to bind reserved ports. This is
a Linux-specific hack.
On a 2.2 kernel, BIND 9 does drop many root privileges, so it should be less
of a security risk than a root process that has not dropped privileges.