Bug 24784

Summary: Why isn't bind always running as -u bind -g bind
Product: Base System
Reporter: gabriel_ambuehl <gabriel_ambuehl>
Component: misc
Assignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED
Severity: Affects Only Me
Priority: Normal
Version: Unspecified
Hardware: Any
OS: Any

Description gabriel_ambuehl 2001-02-01 19:10:01 UTC
I've been wondering why bind isn't run as user bind group bind by default. I mean it's widely known that this isn't the most secure piece of software out there, so I'd say it really makes sense to run it with the least permissions possible. /etc/defaults/rc.conf got the corresponding line commented out in favor of a normal running bind...

Fix: 

Kill the comment before
#named_flags="-u bind -g bind"  # Flags for named

in /etc/defaults/rc.conf
How-To-Repeat: Wait for the exploits to see why I mention this.
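As an added example (not part of the original report), the following POSIX sh function checks whether an rc.conf-style file actually enables the `-u`/`-g` privilege drop for named, treating the shipped commented-out default as "still root"; the two sample files are constructed inline and the `mktemp` directory is an assumption of this example.

```shell
#!/bin/sh
# Added example, not from the PR or the FreeBSD base system.
# Reports whether a given rc.conf-style file sets named_flags so that
# named drops root after binding its sockets ("dropped"), or leaves the
# flag commented out / absent so named keeps running as root ("root").
named_privsep_status() {
    file="$1"
    # Only uncommented assignments count; like sh, the last one wins.
    flags=$(sed -n 's/^[[:space:]]*named_flags="\([^"]*\)".*/\1/p' "$file" | tail -n 1)
    case " $flags " in
        *" -u "*) echo dropped ;;
        *)        echo root ;;
    esac
}

# Best-effort runtime check of the live daemon (not exercised offline):
# prints the effective user of the running named, or "not-running".
named_runtime_user() {
    pid=$(pgrep -x named 2>/dev/null | head -n 1)
    if [ -n "$pid" ]; then
        ps -o user= -p "$pid" | tr -d ' '
    else
        echo not-running
    fi
}

# Constructed sample files: the default as shipped (comment kept) versus
# the fix proposed in the report (comment removed).
WORK=$(mktemp -d)
DEFAULT_RC="$WORK/defaults-rc.conf"
HARDENED_RC="$WORK/hardened-rc.conf"
cat > "$DEFAULT_RC" <<'EOF'
named_enable="YES"
#named_flags="-u bind -g bind"  # Flags for named
EOF
cat > "$HARDENED_RC" <<'EOF'
named_enable="YES"
named_flags="-u bind -g bind"  # Flags for named
EOF

echo "default rc.conf:  named runs as $(named_privsep_status "$DEFAULT_RC")"
echo "hardened rc.conf: named runs as $(named_privsep_status "$HARDENED_RC")"
```

The check only reads configuration; as the discussion below notes, whether dropping privileges is acceptable also depends on whether interfaces are added or re-addressed after named starts.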
Comment 1 Kris Kennaway freebsd_committer freebsd_triage 2001-02-02 10:42:09 UTC
State Changed
From-To: open->analyzed

Suggestion is under consideration
Comment 2 Kris Kennaway 2001-02-02 10:42:34 UTC
On Thu, Feb 01, 2001 at 11:02:23AM -0800, gabriel_ambuehl@buz.ch wrote:

> I've been wondering why bind isn't run as user bind group bind by
> default. I mean it's widely known that this isn't the most secure
> piece of software out there, so I'd say it really makes sense to run it
> with the least permissions possible. /etc/defaults/rc.conf got the
> corresponding line commented out in favor of a normal running
> bind...

Running it like this won't work for every system since named can't
rebind to interfaces which change address or which are added after the
program is started. However, it's something we're considering doing.

Kris
Comment 3 Chris D.Faulhaber freebsd_committer freebsd_triage 2001-11-17 00:12:40 UTC
State Changed
From-To: analyzed->closed

o please see recent (within the last few months) mailing list discussions on this subject.
o no response from submitter in 10 months.