I assume ISC does not deliberately insert aborts
triggerable by bad data in DNS queries and answers.
Much more likel,y they do it when something happens
that is supposed to be logically impossible whatever the
incoming data, and implies continuing to run is
potentially insecure and/or will just create a
subsequent, more obscure crash. I assume the fact
that bad data triggered an abort is due to a bug.
That said, in this case they might be changing this
specific abort to a warning, fixing up what state
they can and crossing their fingers.
John
On Nov 16, 2011, at 7:35 AM, David Ford wrote:
can we have a paradigm shift from ISC please? instead of falling over
dead with insist/assert, please bleat a warning and drop the
problematic
issue on the floor instead and press on with business. many BIND DoS
attacks (and zone typos) are very effective for just this reason.
:)
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
