On 15. 12. 23 14:28, Scott Morizot wrote:
On Fri, Dec 15, 2023 at 6:58 AM Petr Špaček <pspa...@isc.org
<mailto:pspa...@isc.org>> wrote:
Hello.
It smells like a packaging issue to me. Stock BIND (not an obsolete Red
Hat-Frankenstein version) should detect this condition and threat
domains as insecure.
And I think that answers the one question I had. I was curious what BIND
would do at build time on a system like that and it sounds like it would
pick it up during build. I didn't have a system available with the
described issue on which I could do a full build and see what happened.
We do runtime detection at startup because it's configurable, build time
would not work properly.
--
Petr Špaček
Internet Systems Consortium
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users