The FreeBSD Handbook describes running BIND (named) in a sandbox, i.e. using chroot to force the named to think that its place in the filesystem is actually the filesystem root when it's not, so it sees /somewhere/deep/inthe/file/jungle as /. So if hackers break named they theoretically cannot attack the real root of the filesystem, only what is within the chroot path.
Then the Handbook rather offhandedly mentions that some people would recommend putting named into a jail instead. So I've been looking into the jail system in FreeBSD, and comments suggest that it offers better security. On the surface, jail seems to do the same thing: deceive a process into believing that its place in the filesystem is root, and stopping access to directories outside that path.
Questions (for the old and wise): So, are there any FreeBSD-internals masters who can answer the following:
1) What happens if named is broken with neither chroot nor jail, assuming named is running as user and group bind (rather than as root)?
2) What happens if named is broken while using chroot?
3) What happens if named is broken while in a jail, and how is this less dangerous than using chroot?
Also, can FreeBSD run as a gateway with NAT while using a jail? A jail needs its own IP address, and that seems to intefere with the way other services need to be configured.
[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"