[Pdns-users] Supermasters and permissions
daniel at omnis.com
Wed Oct 22 01:29:19 UTC 2003
I'm curious as to the permissions system, if any, of supermasters. Our
company is looking to deploy powerdns in a manner where we'll have
multiple people with supermaster access. Picture the following scenario:
Supermaster A creates a domain foo.com. Supermaster B, knowing foo.com
is setup on the powerdns name server from another supermaster, does an
AFXR of foo.com, thereby replacing the foo.com zone on the powerdns server.
I've looked at the tables, documentation, and the code. There are two
common fields between supermasters and domains, but does powerdns
actually check these fields to ensure that the server that created the
zone is the one that's updating it? I admit, I find this C++ code very
confusing, but from what I can tell, it doesn't seem that it checks. Am
P.S. The fortune in my signature is TOTALLY random. I swear.
Daniel Ceregatti - Programmer
Omnis Network, LLC
A superfluous element of a source program included so the
programmer can remember what the hell it was he was doing
six months later. Only the weak-minded need them, according
to those who think they aren't.
More information about the Pdns-users