[Gllug] DHCP, Bind9 and DDNS setup
Martin A. Brooks
martin at clues.ltd.uk
Tue Apr 6 07:10:21 UTC 2004
Hi Dan,
On Thursday, May 6, 2004, Dan Kolb wrote:
> How about one less potential problem/attack vector? Anyway, for the
> price of an extra command-line argument, there's no harm in doing it.
A chroot jail doesn't stop anyone getting in, it merely stops them
being able to easily exploit the rest of the system once they do. (You
keep all your system up to date anyway, don't you?)
Running services as an unprivileged user provides a very similar level
of protection without having to resort to config file duplication
and/or nasty hardlink hacks.
E0.02
--
Martin A. Brooks, Clues Ltd.
http://www.clues.ltd.uk/
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list