[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: BIND less restrictive modes and policy



On Tue, 2008-01-22 at 01:18 +0100, Enrico Scholz wrote:
> Adam Tkac <atkac redhat com> writes:
> 
> > Also complete /var/named/* subtree will be writable by named
> 
> This is bad. Only the slaves/ and data/ (for DDNS) dirs must be writable.
> pz/ and the other parts of the chroot filesystem must be read-only for
> named.

Enrico can you explain what would that prevent/change ?

Simo.

-- 
| Simo S Sorce |
| Sr.Soft.Eng. |
| Red Hat, Inc |
| New York, NY |


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]