mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 05:57:52 +00:00
Code Issues Releases Wiki Activity

mention that threads & setuid work with Linux 2.2.18.

Browse Source
This commit is contained in:
Brian Wellington 2001-04-13 06:26:26 +00:00
parent ddb8f23a09
commit aa6db091d0
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
FAQ
View File

@ -13,10 +13,10 @@ can on all other supported platforms. setuid() cannot be called before
creating threads, since the server does not start listening on reserved ports creating threads, since the server does not start listening on reserved ports
until after threads have started. until after threads have started.
In the 2.3.99-pre3 and newer kernels, the ability to preserve capabilities In the 2.2.18 or 2.3.99-pre3 and newer kernels, the ability to preserve
across a setuid() call is present. This allows BIND 9 to call setuid() early, capabilities across a setuid() call is present. This allows BIND 9 to call
while retaining the ability to bind reserved ports. This is a Linux-specific setuid() early, while retaining the ability to bind reserved ports. This is
hack. a Linux-specific hack.
On a 2.2 kernel, BIND 9 does drop many root privileges, so it should be less On a 2.2 kernel, BIND 9 does drop many root privileges, so it should be less
of a security risk than a root process that has not dropped privileges. of a security risk than a root process that has not dropped privileges.