From owner-cvs-all Wed Aug 29 6:46:41 2001 Delivered-To: cvs-all@freebsd.org Received: from Awfulhak.org (gw.Awfulhak.org [217.204.245.18]) by hub.freebsd.org (Postfix) with ESMTP id E272D37B405; Wed, 29 Aug 2001 06:46:30 -0700 (PDT) (envelope-from brian@Awfulhak.org) Received: from hak.lan.Awfulhak.org (root@hak.lan.Awfulhak.org [fec0::1:12]) by Awfulhak.org (8.11.5/8.11.5) with ESMTP id f7TDkRA53986; Wed, 29 Aug 2001 14:46:28 +0100 (BST) (envelope-from brian@Awfulhak.org) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.6/8.11.6) with ESMTP id f7TDkRf76403; Wed, 29 Aug 2001 14:46:27 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Message-Id: <200108291346.f7TDkRf76403@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: Sheldon Hearn Cc: Brian Somers , Joshua Goodall , Giorgos Keramidas , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org, brian@freebsd-services.com, brian@freebsd-services.com Subject: Re: cvs commit: src/etc/defaults rc.conf src/etc/mtree BSD.var.dist src/etc/namedb named.conf In-Reply-To: Message from Sheldon Hearn of "Wed, 29 Aug 2001 15:30:58 +0200." <76675.999091858@axl.seasidesoftware.co.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 29 Aug 2001 14:46:27 +0100 From: Brian Somers Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > On Wed, 29 Aug 2001 14:09:14 +0100, Brian Somers wrote: > > > For the n'th time on this thread, everyone that has > > > > named_enable=YES > > > > in /etc/rc.conf and don't have ``named_flags='' will now have named > > running with -u bind and will not be able to update their secondary > > zone files. > > Why? The same mergemaster that changes named_flags in > /etc/defaults/rc.conf will also change /etc/namedb/named.conf . What, you have a live nameserver that has a configuration that even closely resembles the distributed named.conf ? Why do I find that difficult to believe ? Remember, we're not talking about scratch boxes here, we're talking about this change not being appropriate for -stable (production). > > Now perhaps someone can tell me what the purpose of this blatant > > -minded breakage is. What do we gain by changing the default > > variable values for a service that has never been enabled by default ? > > We gain protection of a significant number of entry-level administrators > from potential root exploits. This was already half achieved by the presence of the commented out named_flags variable. Adding a comment to impress on people that using -u bind is more secure would have been a good change. Removing the # so that configurations break is.... well, see above. > I ignored the rest of your message because it only applies if you're > right about the impact, and I don't think you are. If you've got no facts then we've got nothing to discuss. What exactly do you mean when you say you don't think I'm right ? Are you saying that you don't think there are any users out there that query on port 53 or that have read-only-by-root key files ? Or are you saying that they had better be smart enough to drop a named_enable= in their rc.conf to counter a gratuitous change ? > Ciao, > Sheldon. -- Brian http://www.freebsd-services.com/ Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message