Received: (at submit) by bugs.debian.org; 12 Nov 1999 14:23:42 +0000
Received: (qmail 18890 invoked from network); 12 Nov 1999 14:23:42 -0000
Received: from aton.cvf.fr (HELO mail.cvf.fr) (194.250.196.250)
  by master.debian.org with SMTP; 12 Nov 1999 14:23:42 -0000
Received: from nebet-hetepet.dev33.cvf ([10.33.100.242])
	by mail.cvf.fr with smtp (Exim 3.02 #3 (CVF))
	id 11mHbe-0002R3-00; Fri, 12 Nov 1999 15:23:14 +0100
Received: by nebet-hetepet.dev33.cvf (sSMTP sendmail emulation); Fri, 12 Nov 1999 15:23:09 +0100
Date: Fri, 12 Nov 1999 15:23:09 +0100
From: Pierre Blanchet <blanchet@cvf.fr>
Subject: bind: bind should not run as root.
To: submit@bugs.debian.org
Bcc: Pierre Blanchet <blanchet@nebet-hetepet.dev33.cvf>
X-Mailer: bug 3.2.6.1
Message-Id: <E11mHbe-0002R3-00@mail.cvf.fr>
X-complaints-to: abuse@cvf.fr

Package: bind
Version: 1:8.2.2-3
Severity: wishlist

	Acording to security experts, bind should not run as root (and should run chrooted). The documentation is not very clear on why and how one may achieve this.
	I'm not really an expert, and i don't really know how this can be done in a debian point of view (postinst creating an user or just a note in README.Debian, ...).

	Thanks,

--
	Pierre Blanchet.
Pierre.Blanchet@cvf.fr