dns problem in fedora

[Alexander Dalloz]

[ again, but unsigned - thank you mailman ]

Am Mi, den 07.04.2004 schrieb Christopher K. Johnson um 17:36:

> Wouldn't it be preferable to have a subdirectory /var/named/slave that
> is 770 and define the slave zone files in named.conf to be placed 
> there?  I suspect the point of the mode 750 with root:named ownership 
> was to reduce the risk of a compromised named modifying master zone
files.

I agree and just had a look at my Fedora machine running bind (in
chrooted mode) and found following directories:

$ ls -ld /var/named/chroot/var/named/slaves
drwxr-x---  2 named named 4096 11. Dez 15:56
/var/named/chroot/var/named/slaves

$ ls -ld /var/named/slaves/
drwxrwx---  2 named named 4096 17. Okt 18:02 /var/named/slaves/

That are default permissions. I did not change anything. Unfortunately
my bind is actually only master zone manager and I have no chance to
test it running with slave zones.

Feedback by others is appreciated.

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 1 (Yarrow) on Athlon CPU kernel 2.4.22-1.2174.nptl
Sirendipity 18:37:01 up 19 days, 2:18, load average: 1.45, 1.33, 1.19 
                   [ Γνωθι σ'αυτον - gnothi seauton ]
             my life is a planetarium - and you are the stars