Date: Wed, 3 Apr 2013 14:10:01 GMT From: Maxim Konovalov <maxim.konovalov@gmail.com> To: freebsd-bugs@FreeBSD.org Subject: Re: conf/177607: named.conf comment to slave root suggests potentially dangerous BIND configuration Message-ID: <201304031410.r33EA18q082383@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR conf/177607; it has been noted by GNATS. From: Maxim Konovalov <maxim.konovalov@gmail.com> To: Mark Knight <markk@knigma.org> Cc: bug-followup@freebsd.org Subject: Re: conf/177607: named.conf comment to slave root suggests potentially dangerous BIND configuration Date: Wed, 3 Apr 2013 18:00:20 +0400 (MSK) > Sorry, typo in my mail address - should be markk@knigma.org. > > In the proposed patch - allow-query { localnets; }; would be better than > localhost. I still think it better to make this example more robust. > I corrected your address in the Reply-To header. I still think that our named.conf is not a BIND security guide. But this is just my opinion and I leave the PR. Still, don't understand why the PR has Severity serious and Priority high if we are speaking about the commented out example (even uncommented it won't hurt anybody) in the daemon that doesn't run by default. -- Maxim Konovalov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201304031410.r33EA18q082383>