[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: BIND less restrictive modes and policy



Once upon a time, Adam Tkac <atkac redhat com> said:
> Generally on production servers only administrators have access so I
> don't think this is security issue. I think it's only feeling that
> configuration has to be private but I'm ready keep config files private
> if you think it really makes sence. But if some flaw is found and
> exploited it can't protect you.

Many servers don't just run one service (e.g. shared web hosting servers
will run HTTP, SMTP, DNS, etc.), so the config should be protected.

Anything else might as well be world-readable though (and this is really
true for any non-config/non-log file in any RPM), since they can easily
be downloaded through "teh intertubes".

-- 
Chris Adams <cmadams hiwaay net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]