diff options
Diffstat (limited to 'contrib/bind9/doc/arm/Bv9ARM.ch07.html')
| -rw-r--r-- | contrib/bind9/doc/arm/Bv9ARM.ch07.html | 35 |
1 files changed, 19 insertions, 16 deletions
diff --git a/contrib/bind9/doc/arm/Bv9ARM.ch07.html b/contrib/bind9/doc/arm/Bv9ARM.ch07.html index 4ddbced..80ba6e3 100644 --- a/contrib/bind9/doc/arm/Bv9ARM.ch07.html +++ b/contrib/bind9/doc/arm/Bv9ARM.ch07.html @@ -1,5 +1,5 @@ <!-- - - Copyright (C) 2004-2008 Internet Systems Consortium, Inc. ("ISC") + - Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") - Copyright (C) 2000-2003 Internet Software Consortium. - - Permission to use, copy, modify, and distribute this software for any @@ -14,7 +14,7 @@ - OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR - PERFORMANCE OF THIS SOFTWARE. --> -<!-- $Id: Bv9ARM.ch07.html,v 1.75.18.76 2008/10/16 01:29:41 tbox Exp $ --> +<!-- $Id: Bv9ARM.ch07.html,v 1.178.14.5 2009/04/03 01:52:22 tbox Exp $ --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> @@ -46,10 +46,10 @@ <p><b>Table of Contents</b></p> <dl> <dt><span class="sect1"><a href="Bv9ARM.ch07.html#Access_Control_Lists">Access Control Lists</a></span></dt> -<dt><span class="sect1"><a href="Bv9ARM.ch07.html#id2593181"><span><strong class="command">Chroot</strong></span> and <span><strong class="command">Setuid</strong></span></a></span></dt> +<dt><span class="sect1"><a href="Bv9ARM.ch07.html#id2598893"><span><strong class="command">Chroot</strong></span> and <span><strong class="command">Setuid</strong></span></a></span></dt> <dd><dl> -<dt><span class="sect2"><a href="Bv9ARM.ch07.html#id2593326">The <span><strong class="command">chroot</strong></span> Environment</a></span></dt> -<dt><span class="sect2"><a href="Bv9ARM.ch07.html#id2593386">Using the <span><strong class="command">setuid</strong></span> Function</a></span></dt> +<dt><span class="sect2"><a href="Bv9ARM.ch07.html#id2598974">The <span><strong class="command">chroot</strong></span> Environment</a></span></dt> +<dt><span class="sect2"><a href="Bv9ARM.ch07.html#id2599034">Using the <span><strong class="command">setuid</strong></span> Function</a></span></dt> </dl></dd> <dt><span class="sect1"><a href="Bv9ARM.ch07.html#dynamic_update_security">Dynamic Update Security</a></span></dt> </dl> @@ -58,9 +58,10 @@ <div class="titlepage"><div><div><h2 class="title" style="clear: both"> <a name="Access_Control_Lists"></a>Access Control Lists</h2></div></div></div> <p> - Access Control Lists (ACLs), are address match lists that + Access Control Lists (ACLs) are address match lists that you can set up and nickname for future use in <span><strong class="command">allow-notify</strong></span>, - <span><strong class="command">allow-query</strong></span>, <span><strong class="command">allow-recursion</strong></span>, + <span><strong class="command">allow-query</strong></span>, <span><strong class="command">allow-query-on</strong></span>, + <span><strong class="command">allow-recursion</strong></span>, <span><strong class="command">allow-recursion-on</strong></span>, <span><strong class="command">blackhole</strong></span>, <span><strong class="command">allow-transfer</strong></span>, etc. </p> @@ -118,14 +119,16 @@ zone "example.com" { </div> <div class="sect1" lang="en"> <div class="titlepage"><div><div><h2 class="title" style="clear: both"> -<a name="id2593181"></a><span><strong class="command">Chroot</strong></span> and <span><strong class="command">Setuid</strong></span> +<a name="id2598893"></a><span><strong class="command">Chroot</strong></span> and <span><strong class="command">Setuid</strong></span> </h2></div></div></div> <p> - On UNIX servers, it is possible to run <acronym class="acronym">BIND</acronym> in a <span class="emphasis"><em>chrooted</em></span> environment - (using the <span><strong class="command">chroot()</strong></span> function) by specifying the "<code class="option">-t</code>" - option. This can help improve system security by placing <acronym class="acronym">BIND</acronym> in - a "sandbox", which will limit the damage done if a server is - compromised. + On UNIX servers, it is possible to run <acronym class="acronym">BIND</acronym> + in a <span class="emphasis"><em>chrooted</em></span> environment (using + the <span><strong class="command">chroot()</strong></span> function) by specifying + the "<code class="option">-t</code>" option for <span><strong class="command">named</strong></span>. + This can help improve system security by placing + <acronym class="acronym">BIND</acronym> in a "sandbox", which will limit + the damage done if a server is compromised. </p> <p> Another useful feature in the UNIX version of <acronym class="acronym">BIND</acronym> is the @@ -138,11 +141,11 @@ zone "example.com" { user 202: </p> <p> - <strong class="userinput"><code>/usr/local/bin/named -u 202 -t /var/named</code></strong> + <strong class="userinput"><code>/usr/local/sbin/named -u 202 -t /var/named</code></strong> </p> <div class="sect2" lang="en"> <div class="titlepage"><div><div><h3 class="title"> -<a name="id2593326"></a>The <span><strong class="command">chroot</strong></span> Environment</h3></div></div></div> +<a name="id2598974"></a>The <span><strong class="command">chroot</strong></span> Environment</h3></div></div></div> <p> In order for a <span><strong class="command">chroot</strong></span> environment to @@ -170,7 +173,7 @@ zone "example.com" { </div> <div class="sect2" lang="en"> <div class="titlepage"><div><div><h3 class="title"> -<a name="id2593386"></a>Using the <span><strong class="command">setuid</strong></span> Function</h3></div></div></div> +<a name="id2599034"></a>Using the <span><strong class="command">setuid</strong></span> Function</h3></div></div></div> <p> Prior to running the <span><strong class="command">named</strong></span> daemon, use |
