Javier Fernández-Sanguino Peña wrote:
> That means that the only sensible permissions for master zone files are
> 640 root:named, or, if you do want the named server to modify them 640
> named:named.
640 root.dnsfiles, where the dnsfiles group, locally added for you due
to your extreme requirements, contains the named user.
--
see shy jo laughing at someone copping such a big security 'tude and then
implying it's sane to let the name server modify its zone files.
Attachment:
pgpUIieRR4JoL.pgp
Description: PGP signature