Filed with Developers HIde dns entries for remote domains in new Write Only option [Case 56232]

[Snowman30]

The new Write only option in the cpanel dns cluster system is a great idea as it prevents users form mistakenly editing or deleting remotely hosted domains on the cluster that are not local to the server, and it does provide security to clients when running a dns cluster service for dedicated server clients however while the remote dns files cant be edited there is a flaw in the logic as the root user can still see all the emote domains when looking up delete dns or edit dns from root user on the local machine

to me this is a privacy issue especially when in a dedicated cluster environment

Please when Write only mode is selected only show the domains held locally in the cluster in the /var/named directory and not the remote domains of the cluster...

[htm]

Hello,

I think this is still happening. Is there a away to avoid a cluster member with write-only role to see all DNS zones?


Best regards,

Hugo Trovao

[mtrobp]

I'll second that vote. It is very confusing to see _all_ the domains in the Edit DNS Zone list (or Delete). At best it clutters up the display with incorrect information. At worst it allows a customer to delete zones on other servers they don't have access to. Has no one yet had to explain to customer1 that you are very sorry but customer2 decided to delete their DNS entries because he didn't recognize them. Eeeeek!!

Please fix this ASAP.

Thanks,
Todd

[ks04]

I noticed this never recieved an offical response and I am having the same issue now...
Did anyone get anywhere with this?
Ta.

[monarobase]

If I'm not mistaken this request is similar to this one :

http://forums.cpanel.net/f145/overri...ed-251861.html

[ks04]

If I'm not mistaked this request is similar to this one :

http://forums.cpanel.net/f145/overri...ed-251861.html

Interesting it seems like in this case they were at least able to hide the DNS entries from the 'delete zone' list - but I'm not sure how they managed this.... any clues?

[cPanelDavidG]

If I'm not mistaken this request is similar to this one :

http://forums.cpanel.net/f145/overri...ed-251861.html

IIRC this thread focuses on root-level users and that thread focuses on reseller-level users. We are currently analyzing the architecture of DNS clustering and if we can solve both issues simultaneously with hopefully the same solution, then I'll merge the threads. Otherwise, I didn't want people to be offended/confused that I merged 2 somewhat similar but not identical threads.

[ks04]

IIRC this thread focuses on root-level users and that thread focuses on reseller-level users. We are currently analyzing the architecture of DNS clustering and if we can solve both issues simultaneously with hopefully the same solution, then I'll merge the threads. Otherwise, I didn't want people to be offended/confused that I merged 2 somewhat similar but not identical threads.

Yes David, you've summed up what I am trying to achieve. Fingers crossed for a release soon.
Ta

[simoesp]

bump,

i got the same problem any solution ?

[wintech2003]

I'll second that vote. It is very confusing to see _all_ the domains in the Edit DNS Zone list (or Delete). At best it clutters up the display with incorrect information. At worst it allows a customer to delete zones on other servers they don't have access to. Has no one yet had to explain to customer1 that you are very sorry but customer2 decided to delete their DNS entries because he didn't recognize them. Eeeeek!!

You're spot on. I'd really like a solution on this soon so that not all domains show up on any webserver who is member of the DNS cluster. What would happen if someone has ie 10.000 domains on his DNS cluster... it'd be impossible to manage if every webserver would list all 10.000 domains.