"Directory world-writable" warning

Jim Reid jim at rfc1035.com
Thu Oct 5 23:17:14 UTC 2000


>>>>> "Edmund" == Edmund  <c990077 at hk.china.com> writes:

    Edmund> In the log file, there's a warning message everytime bind
    Edmund> 8.1.2 startup,

This has security holes. Upgrade to 8.2.2P5. See:
	http://www.isc.org/products/BIND/bind-security-19991108.html

    Edmund> Directory . world-writable

    Edmund> I studied the code and realize that the message is
    Edmund> generated as a warning of directory "." is writable by the
    Edmund> others, however, no idea on what "." directory is ?

It's whatever the current directory was when you started the name
server. Presumably there's no directory clause in named.conf's
options{} statement.

    Edmund> Is it a security warning of a security hole in the system ?

Almost definitely. The name server's default directory shouldn't be
world writable. That's why the server has complained. Now whether that
name server's default directory should or shouldn't be world-writable
is another story. Perhaps you started named when you were in a
directory that usually is world-writable, like /tmp? And if you don't
define a default directory in named.conf, it's anyone's guess what
directory the name server will use: it'll just be whatever happened to
be your shell's current working directory when you started the name
server.



More information about the bind-users mailing list