Bind 9.16 port error still lingers

Eugene Grosbein eugen at grosbein.net
Sat May 2 21:19:39 UTC 2020


03.05.2020 1:13, Per olof Ljungmark wrote:

> On 2020-05-02 19:29, The Doctor via freebsd-ports wrote:
>> On Sat, May 02, 2020 at 06:53:18PM +0200, Christoph Moench-Tegeder wrote:
>>> ## The Doctor via freebsd-ports (freebsd-ports at freebsd.org):
> [snip]
> 
>> //Use with the following in named.conf, adjusting the allow list as needed:
>> key "rndc-key" {
>>        algorithm hmac-md5;
>>         secret "7ZbGK94NdSa2WACxx72W1w==";
> 
> I suggest you change this ^^^^^ rather quickly, especially if it is a public name server.

This is a key for local (over 127.0.0.1) connections for rndc;
it can be abused by local users only, or if there is a remotely exploitable vulnerability
for running shell code. Still, it should not be published so easily, but there is no direct harm
when the system has no untrusted local users.
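
The assessment above holds only while the rndc control channel really is bound to loopback. The following check is an added example, not part of the original message or of BIND itself: it reads the `controls` statement of a named.conf and reports any listener or allow-list entry that is not a loopback address. The sample configurations and function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample named.conf text; the key secret is a placeholder.
SAMPLE_LOCAL = """
key "rndc-key" {
    algorithm hmac-sha256;
    secret "CONSTRUCTED-PLACEHOLDER-NOT-A-REAL-KEY";
};
controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };
};
"""
SAMPLE_EXPOSED = SAMPLE_LOCAL.replace(
    "inet 127.0.0.1 port 953 allow { 127.0.0.1; }",
    "inet * port 953 allow { any; }")

INET = re.compile(r"\binet\s+(\S+)(?:\s+port\s+\S+)?\s+allow\s*\{([^}]*)\}")

def strip_comments(text):
    # Naive removal of /* */, // and # comments (does not protect quoted strings).
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)

def controls_blocks(text):
    # Yield the body of each controls { ... } statement by brace matching.
    for m in re.finditer(r"\bcontrols\s*\{", text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield text[m.end():i - 1]

def is_loopback(token):
    # "*", "any", ACL names and negations are treated as not loopback-only.
    try:
        return ipaddress.ip_network(token, strict=False).is_loopback
    except ValueError:
        return False

def audit_controls(conf_text):
    findings = []
    for block in controls_blocks(strip_comments(conf_text)):
        for addr, allow in INET.findall(block):
            if not is_loopback(addr):
                findings.append(f"control channel listens on {addr}")
            for entry in filter(None, (e.strip() for e in allow.split(";"))):
                if not is_loopback(entry):
                    findings.append(f"allow list admits {entry}")
    return findings

if __name__ == "__main__":
    for name, conf in (("local", SAMPLE_LOCAL), ("exposed", SAMPLE_EXPOSED)):
        print(name, audit_controls(conf) or "loopback only")
```

Any finding means the key is usable from beyond the local host, so a published secret should then be treated as compromised and regenerated.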


