Why is named started, but not being used?

Steve Grubb sgrubb at redhat.com
Mon Nov 19 13:51:32 UTC 2007

On Sunday 18 November 2007 09:07:40 pm Neal Becker wrote:
> >> named     2794  0.0  0.5 131440 10568 ?        Ssl  Nov16
> >> 0:00 /usr/sbin/named -u named -D -t /var/named/chroot
> >>
> >> Well, someone started named!

named is one of those apps that is always suggested to be started chrooted. 
This is because its historically been vulnerable to attack. I'd like to see 
more about its actual configuration before deciding if NM has created a 
security hole. Sure, we have selinux to help keep a handle on what an 
attacker can do, but some people turn selinux off and we need to offer the 
best protection we can for them.

Does "netstat -taunp | grep named" show it listening on localhost, or does it 
show it being exposed? Does NM have a config option to disable using named 
for the security minded people? Is named chrooted? Is it set to be a 
non-authoritative server? Does the config follow best practices for a locked 
down system? Need to see the config for that.


More information about the test mailing list