[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: BIND less restrictive modes and policy



Adam Tkac <atkac redhat com> writes:

> Also complete /var/named/* subtree will be writable by named

This is bad. Only the slaves/ and data/ (for DDNS) dirs must be writable.
pz/ and the other parts of the chroot filesystem must be read-only for
named.


Enrico


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]