Re: When bind9 reinstalls, no db.root
On Wed, Aug 21, 2002 at 06:39:55PM -0500, Steve Greenland wrote:
> On 21-Aug-02, 15:10 (CDT), Marc Singer <elf@buici.com> wrote:
> > It would help to have an example.
>
> I could have sworn I had a footnote about /etc/cron.allow, with a
> reference to the appropriate manpage :-). Okay, it's not the *best*
> example, because I don't actually ship a cron.allow, but the point is
> there: A missing cron.allow permits everybody to use crontab, while an
> empty cron.allow forbids use of crontab by anybody (except root, of
> course).
It does appear that there are a couple of good examples. In fact,
this is not one of them since what you ought to ship is a cron.allow
that blocks everything, right? That way the default behavior is
obvious to someone browsing the configuration.
As far as I can tell, there aren't many 'dangerous' examples. A
package may install a crontab file in cron.d that is deleted by the
user. Apparently, apache2 performs directory scanning for
configuration files, too. Examples such as BASH are definitely *not*
dangerous since the default file contains a single, innocuous
directive.
As I wrote in another message, given that there is an override switch
in dpkg, that switch would be helpful if available in apt-get.
Reply to: