fedora core 9 bind problem
Adam Tkac
atkac at redhat.com
Wed Jul 2 09:09:51 UTC 2008
On Fri, Jun 27, 2008 at 08:51:28AM +1000, Mark Andrews wrote:
>
> > On Thu, Jun 26, 2008 at 10:19:25AM +1000, Mark Andrews wrote:
> > >
> > > Named has *always* required a writeable working directory.
> > > This was explicitly pointed out in earlier versions of
> > > manuals, etc. The working directory is the default write
> > > location for lots of files, in addition it is the default
> > > on most OS's for core dumps. Failure to provide this
> > > may cause some operations to fail. It may also make it
> > > more difficult to diagnose fatal problems which cause named
> > > to exit.
> >
> > Hm, could you point out to me why exactly the working directory is
> > required to be writable? We have writable subdirectories in the working
> > directory for secondary zones, DDNS zones and runtime information, but
> > many of the files don't have to be writable - like zone files (non-DDNS
> > zones), keys etc. It improves security and doesn't affect named.
>
> Please prove your assertion that a non-writable working directory
> improves security. Remember the working directory does not need
> to be "/var/named". "/var/named/working", which is empty, will do
> just fine.
Yes, I know that the working directory will be empty, but as far as I know
zone configuration files have to be relative to the working directory - so
you have to write "../" in each zone configuration statement, which is,
of course, annoying. Please correct me if some nice solution exists.
We keep the working directory non-writable because admins simply write
"file "zone_file";" in named.conf and the zone is located in the working
directory. BIND could have a security hole which might allow remote code
execution, so master zones could be corrupted - which would be pretty
bad. A non-writable directory prevents such attacks.
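As an added illustration (not part of either poster's message), the following named.conf fragment lays out the separation the exchange above describes: an empty, writable working directory as Mark Andrews suggests, master zone files kept outside it in a directory named cannot write to, and writable subdirectories for secondary and dynamic zones as Adam Tkac describes. Relative `file` paths resolve against `directory`, which is where the "../" comes from. All paths, zone names and addresses are assumed for the example.

```conf
// Added example layout, not from the thread. Paths are assumed.
options {
    // Empty directory, writable by the named user: the default location
    // for core dumps and for anything named writes on its own.
    directory "/var/named/working";
};

// Master zone: the file lives one level up, in a directory that is
// read-only for the named user, so a compromised named cannot alter it.
zone "example.com" IN {
    type master;
    file "../example.com.zone";
};

// Secondary zone: named must write the transferred copy, so it goes
// into a writable subdirectory.
zone "example.net" IN {
    type slave;
    masters { 192.0.2.1; };
    file "../slaves/example.net.zone";
};

// Dynamic (DDNS) zone: named rewrites the zone file and its journal,
// so this also needs a writable subdirectory.
zone "dyn.example.com" IN {
    type master;
    allow-update { localhost; };
    file "../dynamic/dyn.example.com.zone";
};
```

With this layout only /var/named/working, /var/named/slaves and /var/named/dynamic need to be owned or writable by the user named runs as; /var/named itself and the master zone files in it can stay read-only to that user, which is the property Adam Tkac is after, while named still has the writable working directory Mark Andrews describes as required.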