> ... and here I was expecting you to say "but how do you compile a C
> program in a chrooted environment", and I was going to say "well okay,
> you do have a point, so the end result would be the same chicken/egg
> problem with one needing a binary to get out of the chroot", which
> either Terry, Crossfire or Angus would rebuke further... etc, etc.
well, what is stopping that same program compiled on a similar box being
downloaded and run from within the chroot environment...
so, you then remove all means of transferring files from within the
chroot environment...
where do you stop??? ...my head hurts!
> I'd imagine that a chrooted bind that isn't running as root would be
> safer.
^^^^^
emphasis on the "safer" which != "safe"...
on the subject of bind, has anyone researched the alternatives to bind?
anyone used djbdns?
later
marty
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
