On Tue, Oct 28, 2008 at 7:15 PM, Mark Andrews wrote:
> In message <611607.56975.qm@web45312.mail.sp1.yahoo.com>, Jeff Pang writes:
>> Hello,
>> I need to let apache start/stop named.
>> I set: chmod +s named, so httpd (run with nobody) can stop/start it.
>> Is it safe for this behavior? thanks.

> In general, no. Named is not designed to be run suid root.
> A ordinary user can do all sorts of damage with named.
> I would suggest that you create a wrapper which then exec's
> named with arguements that you deem safe. This wrapper can
> be suid root.

*cough*sudo*cough* ;-)