Date: Wed, 3 Apr 2013 14:10:01 GMT From: Maxim Konovalov <maxim.konovalov@gmail.com> To: freebsd-bugs@FreeBSD.org Subject: Re: conf/177607: named.conf comment to slave root suggests potentially dangerous BIND configuration Message-ID: <201304031410.r33EA18q082383@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR conf/177607; it has been noted by GNATS.
From: Maxim Konovalov <maxim.konovalov@gmail.com>
To: Mark Knight <markk@knigma.org>
Cc: bug-followup@freebsd.org
Subject: Re: conf/177607: named.conf comment to slave root suggests potentially
dangerous BIND configuration
Date: Wed, 3 Apr 2013 18:00:20 +0400 (MSK)
> Sorry, typo in my mail address - should be markk@knigma.org.
>
> In the proposed patch - allow-query { localnets; }; would be better than
> localhost. I still think it better to make this example more robust.
>
I corrected your address in the Reply-To header.
I still think that our named.conf is not a BIND security guide. But
this is just my opinion and I leave the PR.
Still, don't understand why the PR has Severity serious and Priority
high if we are speaking about the commented out example (even
uncommented it won't hurt anybody) in the daemon that doesn't run by
default.
--
Maxim Konovalov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201304031410.r33EA18q082383>