On Mon, Jun 05, 2000 at 10:28:04AM +0100, Anton Ivanov wrote: > There was a long standing discussion on this which basically boils down to > the > fact that if you obtain your address dynamically or have dynamic interfaces > (some form of PPP or anything on PCMCIA) you have to run it as root in order > for bind to use these interfaces. > > bind does not bind 0.0.0.0:53. It for one or another reason binds every > interface separately. Hence if an interface is not available at bind start > time and bind does not run as root the interfaces are not rebound.
And I still think this is a stupid reason for us to be allowing a security problem to sit around--how many people run dns servers on machines with dynamic addresses? -- Mike Stone
pgpn4jEyknlY0.pgp
Description: PGP signature
