Not by default. Take a look at marc's secure-compartment. Really he is good: www.suse.de/~marc -> 'Work at SuSE' -> Compartment. His init_bind8 script works like magic, however slave servers need to have the binary that does zone transfers ( something-xfer, I forget) added to the list of files to go into the chroot jail. On Wed, Apr 04, 2001 at 12:55:05PM -0700, Christopher Mahmood wrote:
* Ashley (ashleyg@dnai.com) [010404 12:28]:
Can anyone tell me why SuSE set up bind8 logging in this way?
Isn't bind chroot'ed in 7.1? If so, named wouldn't have access to the /dev/log socket so it wouldn't make sense to have any entries in /etc/syslogd.conf for it.
I guess I should get around to installing 7.1 someday ;)
--
-ckm
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- -ashley One of these days I'm going to completely organize my life.