[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: When bind9 reinstalls, no db.root

On Wed, Aug 21, 2002 at 06:39:55PM -0500, Steve Greenland wrote:
> On 21-Aug-02, 15:10 (CDT), Marc Singer <elf@buici.com> wrote: 
> > It would help to have an example.  
> 
> I could have sworn I had a footnote about /etc/cron.allow, with a
> reference to the appropriate manpage :-). Okay, it's not the *best*
> example, because I don't actually ship a cron.allow, but the point is
> there: A missing cron.allow permits everybody to use crontab, while an
> empty cron.allow forbids use of crontab by anybody (except root, of
> course).

It does appear that there are a couple of good examples.  In fact,
this is not one of them since what you ought to ship is a cron.allow
that blocks everything, right?  That way the default behavior is
obvious to someone browsing the configuration. 

As far as I can tell, there aren't many 'dangerous' examples.  A
package may install a crontab file in cron.d that is deleted by the
user.  Apparently, apache2 performs directory scanning for
configuration files, too.  Examples such as BASH are definitely *not*
dangerous since the default file contains a single, innocuous
directive.  

As I wrote in another message, given that there is an override switch
in dpkg, that switch would be helpful if available in apt-get.
Reply to: