New BIND 9 chroot directories

Doug Barton DougB at
Mon Oct 4 18:25:44 PDT 2004

On Mon, 4 Oct 2004, Jose M Rodriguez wrote:

> El Lunes, 4 de Octubre de 2004 22:10, Doug Barton escribió:

> Really good work.  But, this is really needed?
> I can't see why.

Because running bind chrooted is considerably safer, and the defaults 
should be as safe as possible unless it is an inconvenience to the 
majority of our users. In this case you are arguing against the change 
because it is a temporary inconvenience to you. That's not a good enough 
reason. :)

The entry in UPDATING already says, "If you are running a custom named 
config already, go look at the defaults." We expect users doing more 
advanced things to have more advanced skills. If they don't, they should 
probably use the defaults.

As for your other message about names of directories, layouts, etc., 
feel free to edit the BIND.chroot.dist mtree file, and you can have 
whatever you want. For that matter, edit /etc/rc.d/named if it will make 
you feel better. No one is "forcing" you to do anything. You have all 
the bits directly at hand, and the ability to do whatever you want with 




     This .signature sanitized for your protection

More information about the freebsd-current mailing list