"Directory world-writable" warning
Kevin Darcy
kcd at daimlerchrysler.com
Thu Oct 5 22:23:00 UTC 2000
".", in Unix (POSIX?) and MS-DOS and probably other OS'es, refers to the
current working directory of the process. Since the world-writable check is
done after named does its chdir() (change directory) system call, it means
that whatever directory you specified in the "directory" option in
named.conf is world-writable. This is bad because it means unprivileged
users on the system could remove, rename or replace your zonefiles. Change
the permissions on that directory to remove the world-writeability.
- Kevin
Edmund wrote:
> In the log file, there's a warning message everytime bind 8.1.2 startup,
>
> Directory . world-writable
>
> I studied the code and realize that the message is generated as a
> warning of directory "." is writable by the others, however, no idea on
> what "." directory is ? Anyone knows ? Is it a security warning of
> a security hole in the system ? Please help. Thanks.
More information about the bind-users
mailing list