On Wed, 16 Nov 2011, David Ford wrote:
can we have a paradigm shift from ISC please? instead of falling over dead with insist/assert, please bleat a warning and drop the problematic issue on the floor instead and press on with business. many BIND DoS attacks (and zone typos) are very effective for just this reason.
These however do guarantee internal state so any kind of new bug is much easier to find and fix. Openswan does the same thing for this very reason. However, openswan does have an init script that runs a while(1) loop over its daemon. This means once we encounter unexpected state, we drop all state and restart. Perhaps bind and/or distributions should also use such an init script. I would prefer that over attempting to continue with a bad internal state and seeing apparent random state/crashers later on in bind because it tried to continue after something bad. Paul _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
