On Sep 26, Peter Palfrader [EMAIL PROTECTED] wrote:
AFAIK mount -o ro --bind /etc/ foo/etc does not mount readonly. So
It will in future 2.4 releases.
there would be write access to the root partition in the chroot.
It does not matter anyway, because the files are owned by root and BIND 9
On Tue, Sep 25, 2001 at 11:11:53AM +0200, Martin F Krafft wrote:
please explain how a symlink /etc/bind - /var/chroot/bind/etc
would be a security problem?
That would suck. Config files belong in /etc only.
Hamish
--
Hamish Moffatt VK3SB [EMAIL PROTECTED] [EMAIL PROTECTED]
* Christian Kurz
| On 01-09-25 Steve Greenland wrote:
|
| I am so tired of hearing things like this. Nobody is forcing anyone to
| do anything. We already force them to use 2.2 instead of still using
| 2.0. You want the functionality, you use the right tools. You want to
|
| Where exactly do
* Steve Greenland
| I am so tired of hearing things like this. Nobody is forcing anyone to
| do anything. We already force them to use 2.2 instead of still using
| 2.0. You want the functionality, you use the right tools. You want to
| stick with 2.2, then *you* deal with the issues. The
On 01-09-25 Henrique de Moraes Holschuh wrote:
On Tue, 25 Sep 2001, Christian Kurz wrote:
On 01-09-24 Henrique de Moraes Holschuh wrote:
On Mon, 24 Sep 2001, Christian Kurz wrote:
Hm, that doesn't make much sense to me. I think the best thing would be
to have /etc/bind inside
On 01-09-25 Roberto Suarez Soto wrote:
On Sep/25/2001, Christian Kurz wrote:
Where exactly do we force them? Which debian packages do not work well
with a 2.0.x kernel?
I think that maybe he refers to the fact that, for example, you may
have formatted your ext2 partitions so they
On Wed, 26 Sep 2001, Christian Kurz wrote:
and would instead suggest modifying the documents stating that all
config files should be in /etc to make an exception for $CHROOT.
wears QA hat
NEVER. This is not some low-grade distribution where you can go around
scattering
On Sep/26/2001, Christian Kurz wrote:
I think that maybe he refers to the fact that, for example, you may
have formatted your ext2 partitions so they are incompatible with 2.0.x
Well, I once heard about this, but never read an explanation what
exactly causes the differences in the ext2
On Tue, Sep 25, 2001 at 04:34:31PM +0200, Christian Kurz wrote:
On 01-09-25 Steve Greenland wrote:
I am so tired of hearing things like this. Nobody is forcing anyone to
do anything. We already force them to use 2.2 instead of still using
2.0. You want the functionality, you use the right
On Wed, 26 Sep 2001, Roberto Suarez Soto wrote:
On Sep/26/2001, Christian Kurz wrote:
I think that maybe he refers to the fact that, for example, you may
have formatted your ext2 partitions so they are incompatible with 2.0.x
Well, I once heard about this, but never read an
Riku Voipio [EMAIL PROTECTED] immo vero scripsit
who the hell has to do more work, if we add *support* for
*automatically* running bind9 in chroot jail if the kernel
supports --bind mounts?
By the way, are we talking about running bind as non-root
inside a chroot, or
are we talking about
On 25-Sep-01, 09:34 (CDT), Christian Kurz [EMAIL PROTECTED] wrote:
On 01-09-25 Steve Greenland wrote:
I am so tired of hearing things like this. Nobody is forcing anyone to
do anything. We already force them to use 2.2 instead of still using
2.0. You want the functionality, you use the
On 01-09-26 Riku Voipio wrote:
On Tue, Sep 25, 2001 at 04:34:31PM +0200, Christian Kurz wrote:
On 01-09-25 Steve Greenland wrote:
I am so tired of hearing things like this. Nobody is forcing anyone to
do anything. We already force them to use 2.2 instead of still using
2.0. You want
On 01-09-26 Roberto Suarez Soto wrote:
On Sep/26/2001, Christian Kurz wrote:
I think that maybe he refers to the fact that, for example, you may
have formatted your ext2 partitions so they are incompatible with 2.0.x
Well, I once heard about this, but never read an explanation what
On Sep 26, Peter Palfrader [EMAIL PROTECTED] wrote:
Are there any problems I missed with simply copying the files?
Yes: people do not want to restart bind at every configuration change.
Mount -bind is no option, hardlinks aren't either. Symlinks from
mount --bind is the right solution for
On Wed, 26 Sep 2001, Marco d'Itri wrote:
On Sep 26, Peter Palfrader [EMAIL PROTECTED] wrote:
Are there any problems I missed with simply copying the files?
Yes: people do not want to restart bind at every configuration change.
good point.
Mount -bind is no option, hardlinks aren't
Peter Palfrader [EMAIL PROTECTED] writes:
AFAIK mount -o ro --bind /etc/ foo/etc does not mount readonly. So
there would be write access to the root partition in the chroot.
If they are not writable by the user of the chroot process, that isn't
a problem. If the attacker gets root, the user
also sprach Tollef Fog Heen (on Wed, 26 Sep 2001 10:25:15AM +0200):
The right way is, imho, the way postfix deals with it. It took quite
some time before I discovered it chrooted itself.
i disagree strongly mainly because of things like tripwire, which i
think should be scanning *everything*
also sprach Junichi Uekawa (on Wed, 26 Sep 2001 09:23:32PM +0900):
By the way, are we talking about running bind as non-root
inside a chroot, or
are we talking about running bind as root inside a chroot?
is that a serious question? just *why* would you ever run bind9 as
root?
martin;
also sprach Christian Kurz (on Tue, 25 Sep 2001 10:11:07AM +0200):
But having a link from either the config-files in /etc/bind to $CHROOT
or in the other direction, could be in my opinion a security risk. In my
opinion there should be absolutely no link from $CHROOT to any file
outside the
also sprach Christian Kurz (on Mon, 24 Sep 2001 10:59:13PM +0200):
Hm, that doesn't make much sense to me. I think the best thing would be
to have /etc/bind inside $CHROOT and having no symlink.
except if you want to enable the usual /etc/bind/ editing of
conf-files, which would make
also sprach Wichert Akkerman (on Tue, 25 Sep 2001 03:57:49AM +0200):
And scratch the second-most important feature of Debian (the first one being
the DFSG)? Do Not Move Config Files Out Of /etc. Ever. If you need it
elsewhere, at least leave a symbolic link in place.
bind mounts.
read
On 01-09-24 Henrique de Moraes Holschuh wrote:
On Mon, 24 Sep 2001, Christian Kurz wrote:
Hm, that doesn't make much sense to me. I think the best thing would be
to have /etc/bind inside $CHROOT and having no symlink.
And scratch the second-most important feature of Debian (the first one
On 01-09-25 Wichert Akkerman wrote:
Previously Henrique de Moraes Holschuh wrote:
And scratch the second-most important feature of Debian (the first one being
the DFSG)? Do Not Move Config Files Out Of /etc. Ever. If you need it
elsewhere, at least leave a symbolic link in place.
bind
On Tue, 25 Sep 2001, Christian Kurz wrote:
On 01-09-24 Henrique de Moraes Holschuh wrote:
On Mon, 24 Sep 2001, Christian Kurz wrote:
Hm, that doesn't make much sense to me. I think the best thing would be
to have /etc/bind inside $CHROOT and having no symlink.
And scratch the
On 25-Sep-01, 03:12 (CDT), Christian Kurz [EMAIL PROTECTED] wrote:
As I wrote in two emails before, this isn't a solution, since this
forces an administrator to use kernel 2.4.x instead of maybe still using
2.2.x.
I am so tired of hearing things like this. Nobody is forcing anyone to
do
On 01-09-25 Steve Greenland wrote:
On 25-Sep-01, 03:12 (CDT), Christian Kurz [EMAIL PROTECTED] wrote:
As I wrote in two emails before, this isn't a solution, since this
forces an administrator to use kernel 2.4.x instead of maybe still using
2.2.x.
I am so tired of hearing things
On 01-09-25 Martin F Krafft wrote:
also sprach Christian Kurz (on Mon, 24 Sep 2001 10:59:13PM +0200):
Hm, that doesn't make much sense to me. I think the best thing would be
to have /etc/bind inside $CHROOT and having no symlink.
except if you want to enable the usual /etc/bind/ editing
On Sep/25/2001, Christian Kurz wrote:
Where exactly do we force them? Which debian packages do not work well
with a 2.0.x kernel?
I think that maybe he refers to the fact that, for example, you may
have formatted your ext2 partitions so they are incompatible with 2.0.x
kernels. Or to
On Tue, 25 Sep 2001, Christian Kurz wrote:
But having a link from either the config-files in /etc/bind to $CHROOT
or in the other direction, could be in my opinion a security risk.
Henrique de Moraes Holschuh [EMAIL PROTECTED] wrote:
Oh, how so?
Because the files accessed from within the
Sam Couter [EMAIL PROTECTED] writes:
Because the files accessed from within the chroot once it's broken are the
SAME FILES as on the real system.
We're not discussing running two binds on a system, one in a chroot
and one not. (Although I think I understand your concern now.)
We're
On Wed, 26 Sep 2001, Sam Couter wrote:
On Tue, 25 Sep 2001, Christian Kurz wrote:
But having a link from either the config-files in /etc/bind to $CHROOT
or in the other direction, could be in my opinion a security risk.
Henrique de Moraes Holschuh [EMAIL PROTECTED] wrote:
Oh, how so?
On 01-09-23 Martin F Krafft wrote:
complicated for i did not know about the mount --bind option. sure,
this only works with 2.4.x, but if any chroot changes to bind9 are
going public, then this will be bundled with a 2.4.x kernel-image,
right? will testing be 2.4.x?
So you want to force
also sprach Christian Kurz (on Mon, 24 Sep 2001 10:31:54AM +0200):
So you want to force everyone who is interested in running this chroot
to use a kernel 2.4.x at least? That's in my opinion not an acceptable
solution, since the decision which kernel is used, should never be
depending on a
On Sep 24, Christian Kurz [EMAIL PROTECTED] wrote:
So you want to force everyone who is interested in running this chroot
to use a kernel 2.4.x at least? That's in my opinion not an acceptable
Yes, since managing a chroot environment without bind mounts is way
harder and IMO cannot
On 01-09-24 Marco d'Itri wrote:
On Sep 24, Christian Kurz [EMAIL PROTECTED] wrote:
So you want to force everyone who is interested in running this chroot
to use a kernel 2.4.x at least? That's in my opinion not an acceptable
Yes, since managing a chroot environment without bind mounts is
On 01-09-24 Martin F Krafft wrote:
also sprach Christian Kurz (on Mon, 24 Sep 2001 10:31:54AM +0200):
So you want to force everyone who is interested in running this chroot
to use a kernel 2.4.x at least? That's in my opinion not an acceptable
solution, since the decision which kernel is
On Mon, 24 Sep 2001, Christian Kurz wrote:
Hm, that doesn't make much sense to me. I think the best thing would be
to have /etc/bind inside $CHROOT and having no symlink.
And scratch the second-most important feature of Debian (the first one being
the DFSG)? Do Not Move Config Files Out Of
Previously Henrique de Moraes Holschuh wrote:
And scratch the second-most important feature of Debian (the first one being
the DFSG)? Do Not Move Config Files Out Of /etc. Ever. If you need it
elsewhere, at least leave a symbolic link in place.
bind mounts.
Wichert.
--
On Sep 22, Bdale Garbee [EMAIL PROTECTED] wrote:
Having said that, since I don't personally run bind9 in a chroot, I continue
to be willing to accept a clueful patch to the current bind9 source in non-US
to implement this... but am in no big rush to implement it myself.
There are no packaging
also sprach Marco d'Itri (on Sun, 23 Sep 2001 11:47:33AM +0200):
There are no packaging changes needed.
To chroot bind you just have to fix $OPTS in /etc/init.d/bind9 and
create the two mount binds I described earlier.
marco is right, following his advice, i just chrooted my bind in the
most
WRT chrooting certain applications - wouldn't it make sense to mandate
one consistent way for the user to do this if the package supports it?
That way, chrooting daemons is much more user-friendly, which in turn
will (hopefully) lead to more people doing it.
One idea: In a configuration file,
* Richard Atterer [EMAIL PROTECTED] [010922 16:26]:
One idea: In a configuration file, the user lists those daemons he
wants to run chrooted. init.d scripts that support it read this
information and act on it, copying the required files to a chroot
before starting the daemon there.
(The
also sprach Richard Atterer (on Sat, 22 Sep 2001 03:28:21PM +0200):
One idea: In a configuration file, the user lists those daemons he
wants to run chrooted. init.d scripts that support it read this
information and act on it, copying the required files to a chroot
before starting the daemon
[EMAIL PROTECTED] (Martin F Krafft) writes:
i don't think a global solution is a good choice here. if i install
bind9-chroot (hypothetically speaking), then bind9 should not possibly
ever run non-chrooted again. this should be done via diversions.
Eee. Diversions are so, well, messy. I
On Sat, Sep 22, 2001 at 05:39:20PM +0200, Bernhard R. Link wrote:
Help, please no. More support for chroots may be nice. But not this
way! init.d-scripts calling scripts, that parse global config files
is ugly and one of the many points to make people switch from Suse
or Redhat to debian.
On
also sprach Bdale Garbee (on Sat, 22 Sep 2001 12:06:37PM -0600):
Eee. Diversions are so, well, messy. I think the obvious right
way to handle this is to add debconf support to the bind9 package
asking whether to run in a chroot or not, and if the answer is yes,
just do it. As has been
also sprach Richard Atterer (on Sat, 22 Sep 2001 10:03:55PM +0200):
What alternative possibilities for implementing this do you see? The
package will have to contain the necessary chrooting script somewhere,
and the admin will have to perform some action to trigger its
execution. After he has
Martin F Krafft wrote:
also sprach Richard Atterer (on Sat, 22 Sep 2001 10:03:55PM +0200):
What alternative possibilities for implementing this do you see? The
package will have to contain the necessary chrooting script somewhere,
and the admin will have to perform some action to trigger
On Sat, Sep 22, 2001 at 05:39:20PM +0200, Bernhard R. Link wrote:
* Richard Atterer [EMAIL PROTECTED] [010922 16:26]:
One idea: In a configuration file, the user lists those daemons he
wants to run chrooted. init.d scripts that support it read this
information and act on it, copying the
also sprach Bryan Andersen (on Sat, 22 Sep 2001 05:42:23PM -0500):
For even better security, just make the standard install chrooted
if it is of wise security reasons to. I've long questioned why
this hasn't been done for many daemons already. I know some people
may feel that because it
also sprach Bdale Garbee (on Thu, 20 Sep 2001 06:00:59PM -0600):
bind9-chroot -- convert a bind9 installation to a chroot'd one
What does this package do? I have offered numerous times to accept a patch
for the bind9 package to optionally implement chroot installation and nobody
has
On Fri, 21 Sep 2001, Martin F Krafft wrote:
how about this: i'll make the package (which will basically be a
postinst/prerm pair and nothing else, and then we can always integrate
IMHO it would be better if you did it the way it is done in the postfix
package. The initscript sets up the chroot
On Sep 21, Henrique de Moraes Holschuh [EMAIL PROTECTED] wrote:
inside the jail... (unless bind9 does not need to have any libs and config
files such as resolv.conf inside its jail, in which case there is no need
for such a script).
It does not.
The only things needed are /var/run/,