Bug 174084 - net-dns/bind - make permissions on bind zone files stricter
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages
Hardware: All Linux
Importance: Highest enhancement
Assignee: BIND Maintainers (DISABLED)
Depends on: 302361
Reported: 2007-04-10 20:25 UTC by Joshua Pettett
Modified: 2010-05-13 01:23 UTC
Description Joshua Pettett 2007-04-10 20:25:06 UTC
Is there any reason why bind zone files should be writeable by the named user by default? If not, I recommend making var/bind owned by root:named. While we're at it, perhaps we should chmod o-rwx named.conf as well?
Comment 1 Paul B. Henson 2010-01-26 19:53:46 UTC
Looks like this bug is pretty old, but I'd second the recommendation. Unless a zone is dynamic it shouldn't really be writable by the bind service account.
Comment 2 Doktor Notor 2010-03-12 11:29:09 UTC
It's needed for dynamic zones only. Considering that Gentoo doesn't install any preconfigured dynamic zones at all, no point for these that get installed to be named-writeable indeed.
Comment 3 Christian Ruppert (idl0r) gentoo-dev 2010-05-13 01:23:53 UTC
Sorry for the delay...
It's fixed in bind-9.7.0_p1 ;)
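An added example, not part of the bug report or of the Gentoo package: a small audit that lists what a service account can still modify under a zone directory, using the POSIX owner/group/other rules. It also flags writable directories, because write access to the directory lets the account replace a read-only zone file. The zone directory and account name are passed as arguments; the function names are hypothetical, and ACLs are not evaluated.

```python
import os
import stat


def can_write(st, uid, gids):
    """Mode-bit check only. POSIX picks exactly one class: owner, else group, else other."""
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)


def audit(root, uid, gids):
    """Return sorted (path, reason) pairs the account (uid, gids) can modify under root."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        # A writable directory allows unlink + recreate of any entry,
        # so read-only zone files inside it are not actually protected.
        if can_write(os.lstat(dirpath), uid, gids):
            findings.append((dirpath, "directory writable: entries can be replaced"))
        for name in filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: judge the entry itself, never a symlink target
            if stat.S_ISREG(st.st_mode) and can_write(st, uid, gids):
                findings.append((path, "file writable"))
    return sorted(findings)


if __name__ == "__main__":
    import pwd
    import sys

    # Usage: audit.py <zone-directory> <service-account>
    zone_dir, account = sys.argv[1], sys.argv[2]
    pw = pwd.getpwnam(account)
    groups = set(os.getgrouplist(account, pw.pw_gid))
    results = audit(zone_dir, pw.pw_uid, groups)
    for path, reason in results:
        print(f"{path}: {reason}")
    sys.exit(1 if results else 0)
```

Dynamic zones, which the comments above note do need write access, will show up in the output and have to be reviewed by hand.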