-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday 24 April 2002 06:43 pm, daniel wrote: > > BIND named running as a non-root user should be secure enough for > > any use as long as you are careful to disable remote access via rndc, > > deny updates from all but trusted networks yada yada. > > how exactly do you prevent a single program like rndc from being run > from a remote machine while allowing a remote login like ssh?
I was about to answer with something along the lines of "If a user logging in via ssh can get root access, you have bigger things to worry about." Then I thought better of it and decided to test this. I'm a little worried about the results: [mfratoni@paradox updates-7.2] $ ssh tuxfan [mfratoni@tuxfan mfratoni]$ id uid=500(mfratoni) gid=500(mfratoni) groups=500(mfratoni) [mfratoni@tuxfan mfratoni]$ /usr/sbin/rndc reload rndc: reload command successful Hrmm, said I. Any user can reload zones? Surely that shouldn't be. [mfratoni@tuxfan mfratoni]$ /usr/sbin/rndc halt rndc: halt command successful Non privileged uses can halt named as well? I wouldn't consider that a desirable feature. The man page seems to imply that only root _should_ be allowed to do this: DESCRIPTION This command allows the system administrator to control the operation of a name server. Very odd. Hopefully, I've just missed something in the config files? - -- - -Michael pgp key: http://www.tuxfan.homeip.net:8080/gpgkey.txt Red Hat Linux 7.2 in 8M of RAM: http://www.rule-project.org/ - -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjzHROAACgkQn/07WoAb/SuN+QCggClhMHzgUXosr2fQpvV3h6K2 A7cAn11ZYIx75/15b864fNx+S39+U5J2 =fqqB -----END PGP SIGNATURE----- _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list