I know that there is a lot of other stuff going on right now, but based on some discussions we've been having on the freebsd-net list I wanted to pass this along while it was fresh in my mind.
By default in FreeBSD the directory option is set to /etc/namedb (the traditional name in *BSD), and that directory is set to 755 root:wheel, which means that named cannot write to it after it drops privileges. This is intentional, and just about all the "useful" stuff that named would normally write to this directory has another home with appropriate permissions.

I do it this way because IMO it's better to keep the idea of "working directory", where named might write files by default, separate from the idea of "configuration directory", for a couple of reasons. For one, it's arguably more secure since it follows the "least privilege" idea to the letter. The other reason is that if for whatever reason the named process is not chrooted, then one might easily have the configuration on a small or even read-only partition (/etc/) and want to be able to write stuff into /var.

I solved the latter problem in what I understand is a fairly typical way by creating /var/named to chroot into and having etc/namedb under that directory, and a symlink in the real /etc directory. I've never really liked that solution, and always felt it was the best of several undesirable alternatives.

So I'm proposing the idea of a new working-directory option for named.conf. Is there interest in this idea?

Regards,
Doug
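The layout and the least-privilege invariant Doug describes (configuration directory root-owned and not writable by the daemon's user, a separate chroot under /var/named, a symlink from the real /etc), reproduced in a scratch directory with a check that the configuration directory has not been made group- or world-writable. This is an added example, not code from the post or from FreeBSD; the scratch root, the var/run working directory and the relative symlink are assumptions made so it runs unprivileged.

```shell
#!/bin/sh
# Build the chroot layout from the post under a scratch root (constructed here):
#   $root/var/named/etc/namedb   configuration directory, 755, not writable by named
#   $root/var/named/var/run      working directory the daemon is allowed to write to
#   $root/etc/namedb             symlink into the chroot (relative, so it stays
#                                inside the scratch root; a real system uses an
#                                absolute /var/named/etc/namedb target)
make_layout() {
    root="$1"
    mkdir -p "$root/var/named/etc/namedb" "$root/var/named/var/run" "$root/etc"
    chmod 755 "$root/var/named/etc/namedb"
    chmod 775 "$root/var/named/var/run"
    ln -s ../var/named/etc/namedb "$root/etc/namedb"
}

# Symbolic mode string of a path (e.g. drwxr-xr-x). ls -ld is used instead of
# stat because the stat flags differ between GNU and BSD userland.
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# Succeed (0) only if neither the group-write nor the other-write bit is set.
# Positions in the mode string: 6 = group write, 9 = other write.
not_writable_by_others() {
    case "$(mode_of "$1")" in
        ?????w*|????????w?) return 1 ;;
        *) return 0 ;;
    esac
}

# Whole-layout check: the symlink must resolve to a directory and the
# configuration directory behind it must not be writable by group or other.
# Returns 1 on the first violation so it can gate a deployment script.
check_layout() {
    root="$1"
    [ -d "$root/etc/namedb" ] || { echo "etc/namedb does not resolve"; return 1; }
    if ! not_writable_by_others "$root/var/named/etc/namedb"; then
        echo "configuration directory is writable by group or other"
        return 1
    fi
    echo "configuration directory ok: $(mode_of "$root/var/named/etc/namedb")"
    return 0
}
```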