03.05.2020 1:13, Per olof Ljungmark wrote:
> On 2020-05-02 19:29, The Doctor via freebsd-ports wrote:
>> On Sat, May 02, 2020 at 06:53:18PM +0200, Christoph Moench-Tegeder wrote:
>>> ## The Doctor via freebsd-ports (freebsd-ports@freebsd.org):
> [snip]
>
>> //Use with the following in named.conf, adjusting the allow list as needed:
>> key "rndc-key" {
>> algorithm hmac-md5;
>> secret "7ZbGK94NdSa2WACxx72W1w==";
>
> I suggest you change this ^^^^^ rather quickly, especially if it is a public
> name server.
This is a key for local (over 127.0.0.1) connections for rndc,
it can be abused by local users only, or if there is remotely expoitable
vulnerability
for running shell code. Still, should not be published so easily but no direct
harm
when system has no untrusted local users.
_______________________________________________
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
