First, thank you a lot everybody, I didn't think to have several detailed
e-mails like that.
I need now to merge all of your ideas and a propose a new version of the
config file.
However, I answer first to Tony, because I have a remark below:
2018-01-15 19:15 GMT+01:00 Tony Finch
Tony Finch wrote:
> Ludovic Gasc wrote:
> >
> > 1. The list of minimal capabilities needed for bind to run correctly:
> > http://man7.org/linux/man-pages/man7/capabilities.7.html
>
> named already drops capabilities - have a look at the code around here:
>
Ludovic Gasc wrote:
>
> 1. The list of minimal capabilities needed for bind to run correctly:
> http://man7.org/linux/man-pages/man7/capabilities.7.html
named already drops capabilities - have a look at the code around here:
Am 15.01.2018 um 18:58 schrieb Ludovic Gasc:
Hi,
(Not sure it's the right mailing-list to discuss about this, tell me if
it's another one)
For your information, systemd offers several options to increase the
security of each daemon based on cgroups, like Docker or rkt.
For example:
Hi,
(Not sure it's the right mailing-list to discuss about this, tell me if
it's another one)
For your information, systemd offers several options to increase the
security of each daemon based on cgroups, like Docker or rkt.
For example:
5 matches
Mail list logo