BIND less restrictive modes and policy

Chuck Anderson cra at WPI.EDU
Tue Jan 22 14:19:02 UTC 2008


On Mon, Jan 21, 2008 at 04:36:36PM +0100, Adam Tkac wrote:
> On Mon, Jan 21, 2008 at 02:19:02PM +0100, Florian La Roche wrote:
> > > All others will be readable for all. Also the complete /var/named/* subtree
> > > will be writable by named (for generating core files, DDNS updates,
> > > secondary servers, generally for easier configuration).
> 
> We should make /var/named directory writable for named (upstream has
> same opinion, see
> https://bugzilla.redhat.com/show_bug.cgi?id=400461#c17). So if we have
>
> - /etc/{named.conf,rndc.conf,rndc.key} + logfile non-readable for
>   others (ok, world readable named.conf is quite suspicious so leave
>   it private as is)
> - /var/named will be writable and read-only permissions will be set
>   per-zone by admin
> - /var/named/* subdirectories will cease to exist and files will be moved
>   to /var/named/

I think we just need to have the directory specified by "directory" in 
/etc/named.conf be writeable.  That is the CWD of the named process, 
and is where any coredumps would be written.  So perhaps instead of 
doing this overhaul of directory layout and permissions, we can just 
change the default directory to "/var/named/data" instead:

options {
        directory "/var/named/data";
};

This will affect zone file configurations--they will need to use 
either the full path to the zone file, or perhaps a relative path like 
"../slaves/foo.zone" which I've not tested to see if it works, e.g.:

zone "localhost" {
        type master;
        file "../localhost";
};
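As an added example (not code from this thread or from the BIND project), the following Python script audits the layout proposed above: it parses a named.conf, resolves every zone "file" against the "directory" option the way named does (absolute paths as given, relative paths from the directory, which is named's working directory), and reports two things a practitioner would want to know before changing the default: static master zones whose file would end up inside the named-writable directory, and slave or dynamically updated zones whose file would end up outside it. The sample named.conf, the zone names and the 192.0.2.1 master address are constructed for the example; the parser only understands top-level options and zone blocks and is not a full named.conf grammar.

```python
"""Audit which BIND zone files end up inside the named-writable 'directory'.
Added example; not code from the original thread or from BIND itself."""
import posixpath
import re

# Constructed sample named.conf (not from the original message).  It uses the
# proposed layout: "directory" pointed at /var/named/data, zone files referenced
# either relative to that directory ("../localhost") or inside it.
SAMPLE_NAMED_CONF = """
options {
        directory "/var/named/data";
        dump-file "cache_dump.db";
};

zone "localhost" IN {
        type master;
        file "../localhost";
};

zone "static.example.org" {
        type master;
        file "static.example.org.zone";
};

zone "dyn.example.org" {
        type master;
        file "dyn.example.org.zone";
        allow-update { key "dyn-key"; };
};

zone "example.org" {
        type slave;
        file "../slaves/example.org.zone";
        masters { 192.0.2.1; };
};
"""

# Top-level "options {" or "zone "name" [class] {" block openers.
_BLOCK_START = re.compile(r'\b(options|zone)\b(?:\s+"([^"]+)")?[^{;]*\{')
_DIRECTORY = re.compile(r'\bdirectory\s+"([^"]+)"\s*;')
# Negative lookbehind so that e.g. "dump-file" is not mistaken for "file".
_FILE = re.compile(r'(?<![\w-])file\s+"([^"]+)"\s*;')
_TYPE = re.compile(r'\btype\s+(\w+)\s*;')
_DYNAMIC = re.compile(r'\b(?:allow-update|update-policy)\s*\{')


def _balanced_block(text, open_idx):
    """Return (body, index_of_closing_brace) for the brace at open_idx."""
    depth = 0
    for i in range(open_idx, len(text)):
        if text[i] == '{':
            depth += 1
        elif text[i] == '}':
            depth -= 1
            if depth == 0:
                return text[open_idx + 1:i], i
    raise ValueError("unbalanced braces in named.conf")


def parse_named_conf(text):
    """Return (directory, {zone_name: {'type', 'file', 'dynamic'}})."""
    directory = '.'   # BIND default: the directory named was started in
    zones = {}
    pos = 0
    while True:
        m = _BLOCK_START.search(text, pos)
        if not m:
            break
        body, close = _balanced_block(text, m.end() - 1)
        pos = close + 1            # skip the whole block, nested braces included
        if m.group(1) == 'options':
            d = _DIRECTORY.search(body)
            if d:
                directory = d.group(1)
        else:
            f, t = _FILE.search(body), _TYPE.search(body)
            zones[m.group(2)] = {
                'type': t.group(1) if t else 'master',
                'file': f.group(1) if f else None,
                'dynamic': bool(_DYNAMIC.search(body)),
            }
    return directory, zones


def resolve_zone_file(directory, file_stmt):
    """Resolve a zone 'file' the way named does: absolute as-is, else from 'directory'."""
    if posixpath.isabs(file_stmt):
        return posixpath.normpath(file_stmt)
    return posixpath.normpath(posixpath.join(directory, file_stmt))


def _inside(path, directory):
    d = posixpath.normpath(directory)
    return path == d or path.startswith(d + '/')


def audit_zone_files(text):
    """Map each zone with a file to (resolved_path, finding).

    'static-zone-writable': a master zone without dynamic updates sits inside the
    named-writable directory, so a compromised named could rewrite it.
    'needs-write-outside-directory': a slave/stub or DDNS zone sits outside it,
    but named must write the transferred zone or its .jnl journal there.
    """
    directory, zones = parse_named_conf(text)
    findings = {}
    for name, z in zones.items():
        if z['file'] is None:          # hint/forward zones have no file
            continue
        path = resolve_zone_file(directory, z['file'])
        needs_write = z['type'] in ('slave', 'stub') or z['dynamic']
        inside = _inside(path, directory)
        if needs_write and not inside:
            finding = 'needs-write-outside-directory'
        elif not needs_write and inside:
            finding = 'static-zone-writable'
        else:
            finding = 'ok'
        findings[name] = (path, finding)
    return findings


if __name__ == '__main__':
    for zone, (path, finding) in sorted(audit_zone_files(SAMPLE_NAMED_CONF).items()):
        print("%-20s %-45s %s" % (zone, path, finding))
```

named changes its working directory to "directory" at startup and opens relative file names from there, so a "../slaves/foo.zone" reference resolves exactly as the script computes. The second finding is the caveat behind making only "directory" writable: named still writes slave zone files on transfer and ".jnl" journals next to dynamically updated zone files, so wherever those live must remain writable by the named user; only zones that are never written by named gain anything from being read-only.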
