Hi all, I'm going to do major revision of bind's file modes. Currenly We have many files readable only by root and I can't see any reason why keep binaries unreadable and unexecutable by other users. Also there isn't any reason why keep configuration private. Only this files should not be readable by other users: - /etc/rndc.key - who has it may control server through rndc utility - /var/log/named.log - will have sensitive information All other will be readable for all. Also complete /var/named/* subtree will be writable by named (for generating core files, DDNS updates, secondary servers, generally for easier configuration). Has anyone arguments against such change? Regards, Adam -- Adam Tkac, Red Hat, Inc. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
