[CentOS] editing bind (DNS) configuration under CentOS 6

Fri May 4 16:22:40 UTC 2012
James B. Byrne <byrnejb at harte-lyne.ca>

On Wed, May 2, 2012 16:17, Karanbir Singh wrote:
those of us not blessed with either the depth of experience or
>> the
> sure, if you are new to Linux on the whole and need a point and click
> basics interface to a bunch of things webmin might be a suiteable
> option

Sure, if you work for some multi-billion dollar enterprise then the
cost of one or more employees perpetually mastering the ever-changing
minutiae of dozens of *nix services, most with documentation that is
charitably described as scant, can be borne.  The rest of the world
needs a reasonable answer at a reasonable price in a reasonable time. 
Something that Webmin and similar products provide.

My personal experience with point and click interfaces to *nix
utilities (which goes back to 1995) is that they often prove far
better at getting something working than losing yourself in the
byzantine cli and configuration file options that are the alternative.

> the most important vuln in webmin is how its designed, perl
> interfaces running as root with exclusive rights to anything
> on the machine, easily fiddled with on the machine itself.
> Perhaps 90% of all hacked centos machines running webmin, that
> I've looked at, were exploited locally

Myself, I never permit local shell accounts on systems that run
publicly available services. Once one requires local shell access to a
system be granted to ordinary users then I treat that host as
compromised, install and run nothing on it beyond what is required to
support shell access, and firewall it as if it resides on an alien

Webmin is not the problem in this case. Want of prudence is. I admit
that my personal practice in this regard possibly colours my view of
how the 'security' boogieman is often used to denigrate a product that
I find extremely useful.

> Also, your email client looks to be broken, its not setting headers
> needed for mailing lists threading.

My email client is Squirrel Mail. I do not consider it to be broken
software. I receive the mailing list in digest format. Perhaps the
headers you seek are not provided in that format by the mailing list
manager itself.  However, maintaining the subject header usually
proves sufficient elsewhere.

***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3