[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: BIND less restrictive modes and policy

From: Simo Sorce <ssorce redhat com>
To: Development discussions related to Fedora <fedora-devel-list redhat com>
Subject: Re: BIND less restrictive modes and policy
Date: Tue, 22 Jan 2008 08:32:25 -0500

On Tue, 2008-01-22 at 01:18 +0100, Enrico Scholz wrote:
> Adam Tkac <atkac redhat com> writes:
> 
> > Also complete /var/named/* subtree will be writable by named
> 
> This is bad. Only the slaves/ and data/ (for DDNS) dirs must be writable.
> pz/ and the other parts of the chroot filesystem must be read-only for
> named.

Enrico can you explain what would that prevent/change ?

Simo.

-- 
| Simo S Sorce |
| Sr.Soft.Eng. |
| Red Hat, Inc |
| New York, NY |

References:
- BIND less restrictive modes and policy
  - From: Adam Tkac
- Re: BIND less restrictive modes and policy
  - From: Enrico Scholz

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]