but not bind with selinux. It can chroot, but not does other things. So there is an question: Why we do not fix it. Tell me please some other reason than "you can workaround chroot other ways".but many program use this as security feature. So do you think that bind may use vserver?
It would be a lot stronger if it did. A bind running non-root will be
probably safe. A bind running as root can be attacked and break out of a
chroot trivially. I guess it depends how you run bind.