In a shared web-hosting environment, user error might cause that user’s own DNS zone(s) to become invalid, but it should not cause the DNS server to die.
Still experimenting with Virtualmin 5.0GPL on CentOS 7.2.1511, I created an end-user account whose domain was (for this example only) “example.com”.
Then, logged in as that end user, I went to:
Webmin : Servers : BIND DNS Server : example.com : Edit Zone Parameters
I changed the email address field to
hostmaster @example.com (note the spurious blank before the at sign), and then I clicked on the Save button.
This creates a ticking time-bomb. The next time BIND is restarted, which will happen sooner or later, it will fail to restart, because the spurious blank went into /etc/named.conf.
If that isn’t bad enough, it actually gets a little worse.
If the user edits the same record again, the email address will now appear only as “hostmaster”. Doing a Save again now fixes the zone file so BIND will now restart correctly. But now, another serious problem occurs: The various numeric fields in the SOA record become corrupted. If previously the numeric fields were
2016013101 900 450 604800 900
they will have been changed to
1 2016013102 900 450 604800
and that’s going to completely screw up zone transfers for example.com. The serial number is now 1 and the refresh value, previously 900 seconds, is now up to about 63 years.
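The two failure modes described above can be caught by validating the e-mail field before it is written and by sanity-checking the SOA fields afterwards. The sketch below is an added example, not part of the original post and not Webmin's or Virtualmin's code; the function names, the name server `ns1.example.com.` and the exact text of the broken records are assumptions constructed for illustration.

```python
import re

# One DNS label: letters, digits, hyphen; no leading/trailing hyphen.
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

def email_to_rname(email):
    """Turn an admin e-mail address into an SOA RNAME, or raise ValueError."""
    if re.search(r"\s", email):
        raise ValueError("whitespace in e-mail address")
    local, sep, domain = email.partition("@")
    if not sep or not local or "@" in domain:
        raise ValueError("expected exactly one '@'")
    labels = domain.rstrip(".").split(".")
    if not all(_LABEL.match(label) for label in labels):
        raise ValueError("invalid domain part")
    # A dot inside the local part must be escaped in the RNAME (RFC 1035).
    return local.replace(".", "\\.") + "." + ".".join(labels) + "."

def check_soa(rdata):
    """Return a list of problems in one line of SOA RDATA text."""
    tokens = rdata.replace("(", " ").replace(")", " ").split()
    if len(tokens) != 7:
        return ["expected 7 fields, found %d" % len(tokens)]
    nums = tokens[2:]
    if not all(n.isdigit() for n in nums):
        return ["serial and timers must be unsigned integers"]
    serial, refresh, retry, expire, minimum = map(int, nums)
    problems = []
    if retry >= refresh:
        problems.append("retry >= refresh")
    if expire <= refresh:
        problems.append("expire <= refresh")
    return problems

# Constructed sample records; ns1.example.com. is an assumed primary server.
GOOD = "ns1.example.com. hostmaster.example.com. 2016013101 900 450 604800 900"
SPLIT = "ns1.example.com. hostmaster .example.com. 2016013101 900 450 604800 900"
SHIFTED = "ns1.example.com. hostmaster. 1 2016013102 900 450 604800"

if __name__ == "__main__":
    for name, rdata in (("good", GOOD), ("split", SPLIT), ("shifted", SHIFTED)):
        print(name, check_soa(rdata) or "ok")
    try:
        email_to_rname("hostmaster @example.com")
    except ValueError as err:
        print("rejected:", err)
```

Running `named-checkzone` on the zone file after every edit, and refusing to save on failure, gives the same protection using BIND's own parser.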