On Apr 15, 5:29pm, [email protected] (Robert Elz) wrote: -- Subject: Re: bind reacts badly to dhcpcd losing/regaining connectivity
| ps: Christos - capabilities (if we had them) would not be the answer - if you
| were to trust bind to be unhackable, then just using root would be just as
| good a solution, if you (wisely) fail to believe that all named's bugs
| have been fixed, and that it can still be hacked, then giving it extra
| capabilities would still be allowing a privilege escalation - not as big
| a one as directly to root perhaps, but big things can often be built on
| small steps, and taking over a nameserver's answers (being able to intercept
| queries to port 53 and return bogus replies) is one of the standard ways
| to launch all kinds of attacks - allowing a hacker to bind to port 53,
| and perhaps other priv'd ports, depending upon the granularity of the perms,
| which a capability based solution would essentially do (given named bugs
| remain to be exploited) is essentially giving them control of your network.

I agree. If the bind license was not changed to MPL I would be inclined to add an option to do a wild-card bind(2). Given that it is and we are stuck with a version that we are not going to upgrade until that situation changes I'd advise to switch to unbound/nsd. Of course it would have been nice if ISC would have dual licensed bind to make an exception for the opensource operating systems, but they did not do that either.

christos
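The "wild-card bind(2)" approach christos mentions, as an added example that is not code from this thread or from bind: the privileged port is bound once to INADDR_ANY while the daemon still has root, privileges are then dropped for good, and later interface address changes need no new bind() on port 53, so no root or capability is ever needed again. The user name "nobody" and the port are placeholders; a production daemon would also clear supplementary groups.

```c
/* Added example (not from the thread or from bind): bind a UDP port on the
 * wild-card address first, then drop privileges irreversibly. Typical use:
 *   int fd = bind_wildcard_udp(53);      -- the only step that needs root
 *   drop_privileges("nobody");           -- placeholder user name           */
#define _POSIX_C_SOURCE 200809L
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <pwd.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Bind a UDP socket to 0.0.0.0:port. Returns the fd, or -1 with errno set. */
int bind_wildcard_udp(unsigned short port)
{
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0)
        return -1;
    struct sockaddr_in sin = { .sin_family = AF_INET, .sin_port = htons(port) };
    sin.sin_addr.s_addr = htonl(INADDR_ANY); /* all present and future addresses */
    if (bind(fd, (struct sockaddr *)&sin, sizeof sin) < 0) {
        int saved = errno;           /* keep bind()'s errno across close() */
        close(fd);
        errno = saved;
        return -1;
    }
    return fd;
}

/* 1 if the socket is bound to the wild-card address, 0 otherwise (or on error). */
int is_wildcard_bound(int fd)
{
    struct sockaddr_in sin;
    socklen_t len = sizeof sin;
    if (getsockname(fd, (struct sockaddr *)&sin, &len) < 0)
        return 0;
    return sin.sin_addr.s_addr == htonl(INADDR_ANY);
}

/* Irreversibly switch to an unprivileged user: 0 on success, -1 on failure.
 * setgid() comes first, since it is no longer permitted once uid is unprivileged. */
int drop_privileges(const char *user)
{
    struct passwd *pw = getpwnam(user);
    if (pw == NULL || setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0)
        return -1;
    return 0;
}
```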
