26358 – Don't use default rndc key in /etc/rndc.conf

Bug 26358 - Don't use default rndc key in /etc/rndc.conf

Summary: Don't use default rndc key in /etc/rndc.conf

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	bind
Sub Component:
Version:	7.1
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Bernhard Rosenkraenzer
QA Contact:	David Lawrence
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2001-02-06 20:50 UTC by Idcmp
Modified:	2007-04-18 16:31 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2001-02-06 20:50:07 UTC
Embargoed:

Attachments	(Terms of Use)

Description Idcmp 2001-02-06 20:50:03 UTC

bind910 ships with /etc/rndc.conf and the default key straight from the documentation.  Please don't.

Reproducible: Always
Steps to Reproduce:
1. Find some person who didn't think about changing the key and copied the controls {} directive from the bind9 manual.
2. create a rndc.conf with the stock key
3. rndc -c rnd.conf stop
4. DNS stops.
	

Actual Results:  rndc: reload command successful


Expected Results:  permission denied.

Comment 1 Bernhard Rosenkraenzer 2001-02-28 19:02:36 UTC

Fixed in 9.1.0-5

Note You need to log in before you can comment on or make changes to this bug.