root hints
Joseph S D Yao
jsdy at tux.org
Sat Jan 29 02:47:49 UTC 2011
On Fri, Jan 28, 2011 at 04:40:50PM +0800, pyh at mail.nsbeta.info wrote:
> Joseph S D Yao writes:
> > Just because we don't need to, doesn't mean that it's a good practtice
> > not to. And it's so easy to create one on a system where DNS is already
> > set up.
> >
> > dig ns . > root.hints
>
> I disagree with this.
> Few files mean few risk for admin.
> How about the case when someone did "echo > root.hints" by mistake?
>
> Regards.
Pyh,
We can agree to disagree. I admit I prefer to have more control over
the configuration, and am uncomfortable with "invisible" parts of the
configuration. I like those appliances best where I can log in the
maintenance port and see the whole configuration laid out before me. It
helps with debugging, too.
As for "echo > root.hints", who leaves their configuration files
writable, or does it as the super-user? That's bound to get you in
trouble. Use configuration management software that leaves you with a
read-only file!
--
/*********************************************************************\
**
** Joe Yao jsdy at tux.org - Joseph S. D. Yao
**
\*********************************************************************/
More information about the bind-users
mailing list