file perms when running bind as non-root?

Sorkin, David [IT] david.sorkin at
Tue Jan 13 15:36:32 UTC 2004

What is the recommendation for securely setting up file permissions when
running bind as non-root?

I'd like to minimize named's ability to write to directories and files
that it doesn't need to but this interferes with zone transfers and
dynamic update logs & update log rolling.

What happens if it is unable to create the update log or roll it into
the zone, would the updates just stay in memory? Is there any directive
in recent bind 8s to control this? I don't care if the updates are lost
on a restart since my zone data is stored in an external database.

Is this all just a waste of time?

David Sorkin

