Re: git: 1d577bedbae8 - main - unbound: Fix config file path

From: Ihor Antonov <ihor_at_antonovs.family>
Date: Mon, 06 Mar 2023 15:47:41 UTC
On 3/6/23 07:37, Dag-Erling Smørgrav wrote:
> "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> writes:
>> "Dag-Erling Smørgrav <des@freebsd.org> writes:
>>> No.  Unbound knows it's chrooted, knows _where_ it's chrooted, and
>>> adjusts config paths accordingly, cf. e4c53d3bf00a.
>> We disagree then, rather strongly, about this issue.  It should not
>> know it is chrooted, and it especially should NOT adjust paths
>> based on that fact.  That is a POLA, and it is also hard coding
>> POLICY into an executable.  Almost certainly any path mangling
>> done because it is chroot is going to break if I chroot it to
>> some place very different.
Seconding what DES said. Unbound has chrooting capability built-in, that 
can be configured via config file [1] and it does adjust paths to all 
other files if chroot is enabled. There is no POLA violation here, this 
is not a custom patch from FreeBSD, this is native unbound functionality.


[1] https://nlnetlabs.nl/documentation/unbound/unbound.conf/

-- 
Ihor Antonov