On 6/21/12 1:41 PM, Kevin Chadwick wrote:
>> It'll be confusing, but the fact of the matter is that the "OS service
>> calls" are pretty broken for cases when you might have more than one
>> hostname to resolve and might care about doing other things at the same
>> time (like in a browser, say)

> I can understand why an OS wouldn't listen to this and they would be
> right. A domain is exact, not fuzzed.

I have no idea what you mean there. I'm talking about a situation where you want to resolve foo.com, bar.cdn.com and resources.foo.com all in parallel. No fuzzing of any sort.

> As for using your own resolver that would be an extremely bad move

Please go read the long existing discussions on this.

> Many use say unbound or spybot or their own host
> file blocking.

Our own resolver would obviously have to look at the host file, yes.

> It would also add to and not reduce Firefox's
> memory footprint.

Maybe. Our own resolver may be less complex than working around all the issues with the OS resolvers. For example, right now dealing with DNS resolution involves allocating a threadpool and all that jazz, which means not only lots of code to manage that but also a good bit of runtime address space and memory use.

-Boris

_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security
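
An added example (not code from this thread or from Firefox) of the two constraints discussed above: resolving several names in parallel through a blocking OS call takes a thread pool, and hosts-file entries, including blocking entries, must take precedence over any lookup. The names `SAMPLE_HOSTS`, `parse_hosts`, `os_lookup` and `resolve_all` are hypothetical, and the hosts data is constructed.

```python
from concurrent.futures import ThreadPoolExecutor
import socket

# Constructed sample hosts file, including a blocking entry of the kind
# that host-file blockers install.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
0.0.0.0     ads.example.net tracker.example.net   # blocked
10.0.0.5    resources.foo.com
"""

def parse_hosts(text):
    """Map lowercase hostname -> address. Assumption: first entry wins."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank, comment-only, or an address with no names
        addr, names = fields[0], fields[1:]
        for name in names:
            table.setdefault(name.lower().rstrip("."), addr)
    return table

def os_lookup(name):
    """Blocking OS service call; returns one address or None on failure."""
    try:
        return socket.getaddrinfo(name, None)[0][4][0]
    except OSError:
        return None

def resolve_all(names, hosts_text, lookup=os_lookup, workers=8):
    """Resolve names concurrently; hosts-file entries override lookup."""
    hosts = parse_hosts(hosts_text)
    results, pending = {}, []
    for name in names:
        key = name.lower().rstrip(".")
        if key in hosts:
            results[name] = hosts[key]  # answered locally, no query sent
        else:
            pending.append(name)
    # Each blocking lookup occupies one worker thread until it returns.
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results.update(zip(pending, pool.map(lookup, pending)))
    return results
```

Passing a stub as `lookup` lets the precedence logic be checked without network access.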
