[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: BIND less restrictive modes and policy

From: Enrico Scholz <enrico scholz informatik tu-chemnitz de>
To: fedora-devel-list redhat com
Subject: Re: BIND less restrictive modes and policy
Date: Tue, 22 Jan 2008 01:18:51 +0100

Adam Tkac <atkac redhat com> writes:

> Also complete /var/named/* subtree will be writable by named

This is bad. Only the slaves/ and data/ (for DDNS) dirs must be writable.
pz/ and the other parts of the chroot filesystem must be read-only for
named.


Enrico

Follow-Ups:
- Re: BIND less restrictive modes and policy
  - From: Andrew Farris
- Re: BIND less restrictive modes and policy
  - From: Simo Sorce

References:
- BIND less restrictive modes and policy
  - From: Adam Tkac

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]