Andrew Farris <lordmorgul@xxxxxxxxx> writes: >> pz/ and the other parts of the chroot filesystem must be read-only >> for named. > > And why exactly is that? To give only the required rights is a common and working practice for years to secure daemons. Fedora should not forget classical ways (own uid, chroot environments, restrictive permissions) just to give something like "easier configuration" (where I can not see how mixing all and everything into a single dir can ease configuration). Enrico -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
