From: Can Erkin Acar (canacarcvs.openbsd.org)
Date: Fri Mar 12 2004 - 12:40:16 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

CVSROOT: /cvs
Module name: src
Changes by: canacarcvs.openbsd.org 2004/03/12 11:40:16

Modified files:
        usr.sbin/bind/bin/named: main.c server.c
        usr.sbin/bind/lib/isc: Makefile.in
        usr.sbin/bind/lib/isc/include/isc: socket.h
        usr.sbin/bind/lib/isc/unix: Makefile.in socket.c
Added files:
        usr.sbin/bind/lib/isc/unix: privsep.c privsep_fdpass.c
        usr.sbin/bind/lib/isc/unix/include/isc: privsep.h

Log message:
Privilege seperation for named. Allows named to handle address/interface
changes without restart. If you use non-standard ports in named configuration
make sure they are > 1024. Also /var/named/etc/rndc.key (if any) must be
readable by group named.

Initial work and testing by itojun, jakob, hints, help from henning,
avsm, beck. ok henning, beck, avsm, deraadt

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]