Date: Wed, 19 Jan 2005 21:39:10 +0100
From: Jeremie Le Hen <jeremie@le-hen.org>
To: nikolay.nenchev@rbb-sofia.raiffeisen.at
Cc: freebsd-current@freebsd.org
Subject: Re: Bind 9.3 rndc?
Message-ID: <20050119203910.GD36629@obiwan.tataz.chchile.org>
In-Reply-To: <OF1CBC4F89.03518929-ON42256F8E.002BE44A-42256F8E.002CA49C@mdcs.at>
References: <OF1CBC4F89.03518929-ON42256F8E.002BE44A-42256F8E.002CA49C@mdcs.at>
You should use freebsd-net@ for this kind of question, I think.

> have installed FreeBSD 5.3 with Bind integrated in it. named is running in
> chroot, with user bind, so every file in /etc/namedb is owned by
> bind:wheel, except rndc.key. (I have also rndc.conf with owner bind)
> and it is impossible to start make rndc reload. If I change owner on
> rndc.key it is working but is it a security issue, user who is running
> named (bind) to have access to rndc.key.

How could named(8) know that the secret provided by rndc(8) is the
correct one if it does not have access to it? This is a shared secret.
Both the user running named(8) and the one running rndc(8) must have
access to the secret.

Let's say you have named(8) running under user "bind" and the rndc user
running under user "rndc" and both belong to group "bind". Make rndc.key
owned by "root:bind" and use the mode 0640. Therefore only root will be
able to modify the key whereas named(8) and rndc(8) will be able to read
it.

Anyway, if your bind(8) is compromised, whether the attacker can read
your shared secret or not is pointless: you will have to change it anyway.

Best regards,
--
Jeremie Le Hen
jeremie@le-hen.org
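An added example, not code from the thread or from BIND: a POSIX sh check of the ownership/mode scheme suggested in the reply above (owner root, a group shared by named and rndc, mode 0640). It assumes GNU or BSD stat(1) is available and that you pass the numeric IDs of root and of the shared group; the key file content in the usage is constructed.

```shell
#!/bin/sh
# Added example, not code from the thread: audit a shared-secret file such as
# rndc.key against the scheme described above (owner root, group "bind",
# mode 0640: named and rndc, both in group "bind", may read it; only root may
# change it). Owner and group are given as numeric IDs so the check also runs
# on constructed files without root privileges; the root/"bind" IDs are
# assumptions you supply. Works with GNU stat(1) (Linux) and BSD stat(1).

# Print "<octal mode> <uid> <gid>" for FILE; GNU stat first, BSD stat as fallback.
file_meta() {
    stat -c '%a %u %g' "$1" 2>/dev/null || stat -f '%OLp %u %g' "$1"
}

# check_key_perms FILE EXPECTED_UID EXPECTED_GID
# Returns 0 when FILE follows the policy, 1 otherwise; each violation is
# reported on stderr so the failing reason is visible (e.g. the root-owned
# key from the original question, which the bind group cannot read at all).
check_key_perms() {
    file=$1; want_uid=$2; want_gid=$3; rc=0
    meta=$(file_meta "$file") || { echo "$file: cannot stat" >&2; return 1; }
    set -- $meta
    mode=$1; uid=$2; gid=$3
    [ "$uid" = "$want_uid" ] ||
        { echo "$file: owner uid $uid, expected $want_uid (only root should own the key)" >&2; rc=1; }
    [ "$gid" = "$want_gid" ] ||
        { echo "$file: group gid $gid, expected $want_gid (the group shared by named and rndc)" >&2; rc=1; }
    # The leading 0 makes the shell treat the digits as octal inside $(( )).
    [ $(( 0$mode & 0007 )) -eq 0 ] ||
        { echo "$file: mode $mode is world-accessible; any local user can read or alter the secret" >&2; rc=1; }
    [ $(( 0$mode & 0020 )) -eq 0 ] ||
        { echo "$file: mode $mode is group-writable; named could rewrite the secret" >&2; rc=1; }
    [ $(( 0$mode & 0040 )) -ne 0 ] ||
        { echo "$file: mode $mode denies group read; named/rndc in the group cannot use the key" >&2; rc=1; }
    [ $(( 0$mode & 0600 )) -eq $(( 0600 )) ] ||
        { echo "$file: mode $mode does not give the owner read+write" >&2; rc=1; }
    return $rc
}

# Stand-alone usage on a real host (root is uid 0; "bind" is an assumed group name):
#   check_key_perms /etc/namedb/rndc.key 0 "$(id -g bind)"
```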
