Fix bind DLZ module to prevent zone transfers for everyone (!169) · Merge requests · The Samba Team / Samba

Julien Ropé requested to merge littlejawa/samba:bind_dlz_zone_transfer_master into master Dec 17, 2018

The Bind DLZ module was accepting all zone transfer requests, as long as they belongs to the domain, which was seen as a security concern by some users. This issue is referenced in bugzilla here: https://bugzilla.samba.org/show_bug.cgi?id=9634 for bug reference and suggested changes.

As suggested in this ticket, I have modified the module so that it takes a new option from smb.conf listing the authorized IPs. If the option is not set, the behaviour is not changed: the module will accept all requests.

Edited Jul 08, 2020 by Julien Ropé

Fix bind DLZ module to prevent zone transfers for everyone

Merge request reports