View Single Post
  #1  
Old 30th October 2012, 06:58
ronee ronee is offline
HowtoForge Supporter
 
Join Date: Oct 2006
Posts: 32
Thanks: 0
Thanked 2 Times in 2 Posts
Default BIND can fail easily due to a simple error when creating a new zone

Hello,

This has been discussed previously but I am starting a new thread due to the fact that in my opinion the important point of this has not been mentioned.

I have reproduced this on latest stable ispconfig3 (at time of this writing) on Centos 6.3. The issue is simple. A user (which using ispconfig3 can easily access/manage) simply by creating a new zone and not correctly defining the necessary NS or A records can easily take down BIND for all zones on that server.

I would say that ispconfig should either not save a faulty zone file (easily accomplished by trapping errors via named-checkconf for instance) or at the very least, the wizard should force the use to enter the minimum info.

Otherwise those of us that delegate dns management access to users (which is the norm these days) can risk bind failure across the entire server due to the simple mistake of any single user.

Thanks,

Ron
Reply With Quote
Sponsored Links