Rick Dicaire wrote: >> joans4nz wrote: >>> What is the working directory? > > Take a look at the ownership and perms on /var/named/etc/namedb/dump > >> Making that message go away (one way or another) is on my list, but >> since it's basically harmless it's not a high priority. > > It will be when you want to dump stats etc :)
I did say "basically" harmless. :) Seriously though, we have passed the 1-year anniversary of the following request to separate the idea of "working directory" from "configuration directory" https://lists.isc.org/pipermail/bind-users/2008-August/071912.html The main problem with having the directory where named's configuration files are stored writable by the named user is that if you get pwned the bad guy can replace your named.conf with one of their own. The FreeBSD base includes a _default_ configuration that is pretty tight on purpose since it is designed to be "safe" for the average non-expert DNS user to be able to start up a local system resolver without having to worry about security. Users with more advanced needs have the tools available to them to alter the default configuration as they see fit. hth, Doug _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
