Re: git: 1d577bedbae8 - main - unbound: Fix config file path
- In reply to: Dag-Erling_Smørgrav : "Re: git: 1d577bedbae8 - main - unbound: Fix config file path"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 06 Mar 2023 15:47:41 UTC
On 3/6/23 07:37, Dag-Erling Smørgrav wrote: > "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> writes: >> "Dag-Erling Smørgrav <des@freebsd.org> writes: >>> No. Unbound knows it's chrooted, knows _where_ it's chrooted, and >>> adjusts config paths accordingly, cf. e4c53d3bf00a. >> We disagree then, rather strongly, about this issue. It should not >> know it is chrooted, and it especially should NOT adjust paths >> based on that fact. That is a POLA, and it is also hard coding >> POLICY into an executable. Almost certainly any path mangling >> done because it is chroot is going to break if I chroot it to >> some place very different. Seconding what DES said. Unbound has chrooting capability built-in, that can be configured via config file [1] and it does adjust paths to all other files if chroot is enabled. There is no POLA violation here, this is not a custom patch from FreeBSD, this is native unbound functionality. [1] https://nlnetlabs.nl/documentation/unbound/unbound.conf/ -- Ihor Antonov