On 26/6/2019 22:04, Anderson, Charles R wrote: > On Wed, Jun 26, 2019 at 07:46:20PM +0300, Lefteris Tsintjelis via bind-users > wrote: >> On 26/6/2019 17:39, Grant Taylor via bind-users wrote: >>> Or are you wanting to update the zone contents without actually updating >>> the zone file on disk? >> >> Yes, exactly this. That is the reason I changed the actual zone disk >> file permissions to root thinking that files would not be modifiable, >> but bind surprised me there. I did not expect to change the file >> ownership from root to bind! The problem started with ACME actually as >> it always messes up my disk zone files and have to always restore them. >> I would still like to use something like that in small DDNS zones also, >> serving just a few IPs only. Non disk writable/modifiable zones could >> perhaps add a small layer of extra security as well. > > If Linux: > > chattr +i filename > > If FreeBSD: > > chflags schg filename
Or chmod +t <directory> I had totally forgotten about that one. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users