ndc problem
Barry Margolin
barmar at bbnplanet.com
Mon Jan 31 23:15:57 UTC 2000
In article <38960986.BE07FEC4 at att.com>, Sheng Zhu <sz at att.com> wrote:
>Don't know if anyone else has seen this problem, but ndc seems
>insecure when it allows any user on the local system to kill the named
>process - no matter whether you have a control statement in the config
>or not. It will not allow any user to start the named process though.
>
>The control statement in the named.conf looks like this:
> control { unix "/etc/ndc" perm 0600 owner 0 group 0; };
>and the ndc socket seems created with correct permission when named
>is started by root:
> srw------- 1 root root 0 Jan 31 21:31 /etc/ndc
>
>This ndc behavior was observed on a Sun Ultra system running Solaris
>2.6 patched at 105181_15. The bind source code is 8.2.2-P5 compiled
>on the same system with Sun Spro CC 4.2. Any comments or help will
>be appreciated. Thanks,
I think the problem may be that Solaris doesn't implement access control on
Unix-domain sockets, so the permissions have no effect. The solution is to
put the socket in a directory that only root has execute permission to,
e.g.
    mkdir /etc/ndcdir
    chmod 700 /etc/ndcdir
Rebuild named and ndc with DESTRUN configured to /etc/ndcdir.
--
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
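
The layout suggested in the reply above can be audited with a short script. This is an added example, not part of the original post; `check_ctl_dir` and the temporary demo paths are assumptions made for illustration. It inspects only the parent directory, since the reply's premise is that the socket's own mode may not be enforced.

```shell
#!/bin/sh
# Added example: audit the directory that holds named's control socket.
# check_ctl_dir is a hypothetical helper name; demo paths are constructed.

# check_ctl_dir SOCKET_PATH [OWNER_UID]
# Returns 0 when the socket's parent directory is a real directory, owned by
# OWNER_UID (default 0, root) and grants nothing to group or other.
# Returns 1 on a permission/ownership finding, 2 when the directory is unusable.
check_ctl_dir() {
    sock=$1
    want_uid=${2:-0}
    dir=$(dirname "$sock")

    # A symlinked directory could be repointed; require a real directory.
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "ERROR: $dir is not a plain directory"
        return 2
    fi

    # ls -ldn prints: mode links uid gid ...; -n keeps the uid numeric.
    set -- $(ls -ldn -- "$dir")
    mode=$1
    uid=$3

    # Characters 5-10 of the mode string are the group and other bits.
    go_bits=$(printf '%s' "$mode" | cut -c5-10)
    if [ "$go_bits" != "------" ]; then
        echo "FAIL: $dir is $mode; group/other can reach the socket"
        return 1
    fi
    if [ "$uid" != "$want_uid" ]; then
        echo "FAIL: $dir is owned by uid $uid, expected $want_uid"
        return 1
    fi
    echo "OK: $dir is $mode, uid $uid"
    return 0
}

# Demo on a constructed temporary tree (not a real named installation).
demo=$(mktemp -d)
mkdir "$demo/ndcdir"
chmod 700 "$demo/ndcdir"
check_ctl_dir "$demo/ndcdir/ndc" "$(id -u)"          # passes
chmod 755 "$demo/ndcdir"
check_ctl_dir "$demo/ndcdir/ndc" "$(id -u)" || true  # fails: world-searchable
rm -rf "$demo"
```

On a host laid out as in the reply, the call would be `check_ctl_dir /etc/ndcdir/ndc`, using the default owner uid of 0.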