Allow only temporary zone updates without making them permanent
Lefteris Tsintjelis
lefty at spes.gr
Wed Jun 26 16:46:20 UTC 2019
On 26/6/2019 17:39, Grant Taylor via bind-users wrote:
> Or are you wanting to update the zone contents without actually updating
> the zone file on disk?
Yes, exactly this. That is the reason I changed the actual zone disk
file permissions to root thinking that files would not be modifiable,
but bind surprised me there. I did not expect to change the file
ownership from root to bind! The problem started with ACME actually as
it always messes up my disk zone files and have to always restore them.
I would still like to use something like that in small DDNS zones also,
serving just a few IPs only. Non disk writable/modifiable zones could
perhaps add a small layer of extra security as well.
Lefteris
More information about the bind-users
mailing list