[CentOS] editing bind (DNS) configuration under CentOS 6

Wed May 2 14:35:33 UTC 2012
Nux! <nux at li.nux.ro>

On 02.05.2012 14:21, Boris Epstein wrote:
> On Wed, May 2, 2012 at 9:15 AM, Karanbir Singh <mail-lists at karan.org> 
> wrote:
>
>> On 05/02/2012 02:09 PM, Nux! wrote:
>> >> it manually? That is doable, of course, but kind of cumbersome. 
>> Does
>> >> anybody know if there is a tool we are expected to use for that
>> >> purpose?
>> >
>> > If you're afraid of "vi", I can recommend webmin.
>> > http://dl.nux.ro/rpm/webmin.repo
>> >
>>
>> and then you have 2 problems, one of which is a security hole.
>>
>> I've mostly just gone to using nsupdate  from the cli for all zone 
>> edits
>> in bind zones. if you ever need the clear zone file, its easily 
>> dumped
>> out with rndc - works, and you can do some fairly complex things in 
>> a
>> clear and simple transaction manner ( plus, easily automated  from 
>> other
>> scripts / code for more win )
>>
>> --
>> Karanbir Singh
>> +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh
>> ICQ: 2522219    | Yahoo IM: z00dax      | Gtalk: z00dax
>> GnuPG Key : http://www.karan.org/publickey.asc
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>>
>
> What's the security problem associated with webmin?
>
> Boris.

Boris,

People complain it runs as root (which it needs in order to modify 
system settings and so on, of course) and that its code is not very 
secure, which may well be the case, but in the end Webmin is one useful 
tool that I have never had security issues with, nor did I hear about 
others that had.
It's up to you if you want to use it or not. Maybe you could keep it 
running on some non-public interface etc to be extra-cautious.

-- 
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro