On Wed, Jun 26, 2019 at 07:46:20PM +0300, Lefteris Tsintjelis via bind-users wrote: > On 26/6/2019 17:39, Grant Taylor via bind-users wrote: > > Or are you wanting to update the zone contents without actually updating > > the zone file on disk? > > Yes, exactly this. That is the reason I changed the actual zone disk > file permissions to root thinking that files would not be modifiable, > but bind surprised me there. I did not expect to change the file > ownership from root to bind! The problem started with ACME actually as > it always messes up my disk zone files and have to always restore them. > I would still like to use something like that in small DDNS zones also, > serving just a few IPs only. Non disk writable/modifiable zones could > perhaps add a small layer of extra security as well.
If Linux: chattr +i filename If FreeBSD: chflags schg filename _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
