Date: Wed, 29 Aug 2001 14:46:27 +0100
From: Brian Somers <brian@Awfulhak.org>
To: Sheldon Hearn <sheldonh@starjuice.net>
Cc: Brian Somers <brian@Awfulhak.org>, Joshua Goodall <joshua@roughtrade.net>, Giorgos Keramidas <keramida@ceid.upatras.gr>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org, brian@freebsd-services.com, brian@freebsd-services.com
Subject: Re: cvs commit: src/etc/defaults rc.conf src/etc/mtree BSD.var.dist src/etc/namedb named.conf
Message-ID: <200108291346.f7TDkRf76403@hak.lan.Awfulhak.org>
In-Reply-To: Message from Sheldon Hearn <sheldonh@starjuice.net> of "Wed, 29 Aug 2001 15:30:58 +0200." <76675.999091858@axl.seasidesoftware.co.za>
> On Wed, 29 Aug 2001 14:09:14 +0100, Brian Somers wrote:
>
> > For the n'th time on this thread, everyone that has
> >
> >   named_enable=YES
> >
> > in /etc/rc.conf and don't have ``named_flags='' will now have named
> > running with -u bind and will not be able to update their secondary
> > zone files.
>
> Why? The same mergemaster that changes named_flags in
> /etc/defaults/rc.conf will also change /etc/namedb/named.conf .

What, you have a live nameserver that has a configuration that even
closely resembles the distributed named.conf ? Why do I find that
difficult to believe ?

Remember, we're not talking about scratch boxes here, we're talking
about this change not being appropriate for -stable (production).

> > Now perhaps someone can tell me what the purpose of this blatant
> > -minded breakage is. What do we gain by changing the default
> > variable values for a service that has never been enabled by default ?
>
> We gain protection of a significant number of entry-level administrators
> from potential root exploits.

This was already half achieved by the presence of the commented out
named_flags variable. Adding a comment to impress on people that using
-u bind is more secure would have been a good change. Removing the #
so that configurations break is.... well, see above.

> I ignored the rest of your message because it only applies if you're
> right about the impact, and I don't think you are.

If you've got no facts then we've got nothing to discuss. What exactly
do you mean when you say you don't think I'm right ? Are you saying
that you don't think there are any users out there that query on port
53 or that have read-only-by-root key files ? Or are you saying that
they had better be smart enough to drop a named_enable= in their
rc.conf to counter a gratuitous change ?

> Ciao,
> Sheldon.

--
Brian <brian@freebsd-services.com>                <brian@Awfulhak.org>
      http://www.freebsd-services.com/            <brian@[uk.]FreeBSD.org>
Don't _EVER_ lose your sense of humour !          <brian@[uk.]OpenBSD.org>
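The breakage Brian describes has three concrete shapes: once named drops privileges with `-u bind`, it can no longer write the files of secondary (slave) zones it transfers, it cannot read key or include files that are mode 0600 root-only, and it cannot rebind a privileged source port if named.conf asks for `query-source ... port 53`. The script below is an added pre-flight audit for exactly those conditions, written for this page and not taken from the thread or from FreeBSD; it assumes FreeBSD's `bind` account is uid/gid 53, uses a deliberately minimal named.conf parser (flat `options`/`zone`/`include` statements, no nested-brace handling), and builds a constructed `/etc/namedb`-style layout in a temporary directory to show the findings before and after the remediation an administrator would apply.

```python
"""Pre-flight audit before setting named_flags="-u bind": can the
unprivileged user write slave zone files, read key/include files, and
does the config demand query-source port 53 (root-only to rebind)?
Added example, not from the thread or FreeBSD; the parser is minimal."""
import os
import re
import stat
import tempfile

BIND_UID = 53   # assumption: uid/gid of FreeBSD's "bind" account
BIND_GID = 53

OPT_DIR_RE = re.compile(r'options\s*\{[^}]*?directory\s+"([^"]+)"', re.S)
INCLUDE_RE = re.compile(r'include\s+"([^"]+)"\s*;')
ZONE_RE = re.compile(r'zone\s+"([^"]+)"[^{]*\{([^}]*)\}', re.S)
QSRC53_RE = re.compile(r'query-source[^;]*\bport\s+53\b')
PORT53 = "query-source port 53 cannot be rebound without root"


def can_access(path, uid, gid, write=False):
    """Emulate the kernel's mode-bit check for a non-root uid/gid.
    Supplementary groups are ignored (simplification)."""
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return False
    if st.st_uid == uid:
        bit = stat.S_IWUSR if write else stat.S_IRUSR
    elif st.st_gid == gid:
        bit = stat.S_IWGRP if write else stat.S_IRGRP
    else:
        bit = stat.S_IWOTH if write else stat.S_IROTH
    return bool(st.st_mode & bit)


def audit(conf_path, uid=BIND_UID, gid=BIND_GID):
    """Return (problem, path) pairs named would hit after setuid to uid/gid."""
    with open(conf_path) as fh:
        text = fh.read()
    problems = []
    m = OPT_DIR_RE.search(text)
    base = m.group(1) if m else os.path.dirname(conf_path)
    resolve = lambda p: p if os.path.isabs(p) else os.path.join(base, p)
    if not can_access(base, uid, gid):
        problems.append(("working directory not readable", base))
    for inc in INCLUDE_RE.findall(text):            # rndc/TSIG key files
        if not can_access(resolve(inc), uid, gid):
            problems.append(("include/key file not readable", resolve(inc)))
    for _name, body in ZONE_RE.findall(text):
        ztype = re.search(r'type\s+(\w+)', body)
        zfile = re.search(r'file\s+"([^"]+)"', body)
        if not (ztype and zfile):
            continue
        path = resolve(zfile.group(1))
        if ztype.group(1) == "slave":
            # the transferred zone is written into this directory
            zdir = os.path.dirname(path)
            if not can_access(zdir, uid, gid, write=True):
                problems.append(("slave zone directory not writable", zdir))
        elif not can_access(path, uid, gid):
            problems.append(("zone file not readable", path))
    if QSRC53_RE.search(text):
        problems.append((PORT53, conf_path))
    return problems


CONF_TEMPLATE = """options {
    directory "%s";
    query-source address * port 53;
};
include "rndc.key";
zone "example.net" {
    type slave;
    file "slave/example.net";
    masters { 192.0.2.1; };
};
"""


def build_layout(root):
    """Constructed /etc/namedb look-alike: root-only key, root-only slave dir."""
    os.chmod(root, 0o755)
    os.mkdir(os.path.join(root, "slave"))
    os.chmod(os.path.join(root, "slave"), 0o755)
    key = os.path.join(root, "rndc.key")
    with open(key, "w") as fh:
        fh.write('key "rndc-key" { algorithm hmac-md5; secret "ZGVtbw=="; };\n')
    os.chmod(key, 0o600)
    conf = os.path.join(root, "named.conf")
    with open(conf, "w") as fh:
        fh.write(CONF_TEMPLATE % root)
    return conf


def demo():
    """Audit as shipped, after 'chgrp bind; chmod 640/770' (chgrp emulated by
    auditing with the files' existing gid, since chown needs root), and
    after also dropping 'port 53' from query-source."""
    with tempfile.TemporaryDirectory() as root:
        conf = build_layout(root)
        as_shipped = audit(conf)
        key, slave = os.path.join(root, "rndc.key"), os.path.join(root, "slave")
        os.chmod(key, 0o640)
        os.chmod(slave, 0o770)
        bind_gid = os.stat(key).st_gid           # stands in for "bind" after chgrp
        after_perms = audit(conf, uid=BIND_UID, gid=bind_gid)
        with open(conf) as fh:
            fixed = fh.read().replace("query-source address * port 53;",
                                      "query-source address *;")
        with open(conf, "w") as fh:
            fh.write(fixed)
        after_conf = audit(conf, uid=BIND_UID, gid=bind_gid)
    return as_shipped, after_perms, after_conf


if __name__ == "__main__":
    for stage, found in zip(("as shipped", "after chgrp/chmod", "after config fix"), demo()):
        print(f"{stage}: {found or 'OK'}")
```

Run against a real `/etc/namedb/named.conf` the audit needs no privileges of its own: it only stats the files named in the configuration and evaluates them as the bind uid/gid would see them, so it can be run before the rc.conf change rather than discovered at the next zone transfer.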