"Directory world-writable" warning
Jim Reid
jim at rfc1035.com
Thu Oct 5 23:17:14 UTC 2000
>>>>> "Edmund" == Edmund <c990077 at hk.china.com> writes:
Edmund> In the log file, there's a warning message everytime bind
Edmund> 8.1.2 startup,
This has security holes. Upgrade to 8.2.2P5. See:
http://www.isc.org/products/BIND/bind-security-19991108.html
Edmund> Directory . world-writable
Edmund> I studied the code and realize that the message is
Edmund> generated as a warning of directory "." is writable by the
Edmund> others, however, no idea on what "." directory is ?
It's whatever the current directory was when you started the name
server. Presumably there's no directory clause in named.conf's
options{} statement.
Edmund> Is it a security warning of a security hole in the system ?
Almost definitely. The name server's default directory shouldn't be
world writable. That's why the server has complained. Now whether that
name server's default directory should or shouldn't be world-writable
is another story. Perhaps you started named when you were in a
directory that usually is world-writable, like /tmp? And if you don't
define a default directory in named.conf, it's anyone's guess what
directory the name server will use: it'll just be whatever happened to
be your shell's current working directory when you started the name
server.
More information about the bind-users
mailing list