conf/177607: named.conf comment to slave root suggests potentially dangerous BIND configuration

Maxim Konovalov maxim.konovalov at gmail.com
Wed Apr 3 14:10:01 UTC 2013


The following reply was made to PR conf/177607; it has been noted by GNATS.

From: Maxim Konovalov <maxim.konovalov at gmail.com>
To: Mark Knight <markk at knigma.org>
Cc: bug-followup at freebsd.org
Subject: Re: conf/177607: named.conf comment to slave root suggests potentially
 dangerous BIND configuration
Date: Wed, 3 Apr 2013 18:00:20 +0400 (MSK)

 >  Sorry, typo in my mail address - should be markk at knigma.org.
 >
 >  In the proposed patch - allow-query { localnets; }; would be better than
 >  localhost. I still think it better to make this example more robust.
 >
 I corrected your address in the Reply-To header.
 
 I still think that our named.conf is not a BIND security guide.  But
 this is just my opinion and I leave the PR.
 
 Still, don't understand why the PR has Severity serious and Priority
 high if we are speaking about the commented out example (even
 uncommented it won't hurt anybody) in the daemon that doesn't run by
 default.
 
 -- 
 Maxim Konovalov


More information about the freebsd-bugs mailing list