]] Bastien ROUCARIES | main security problem is resolver, | $host -v www.local | www.local | www.local.mydomain.com
So the security problem you see is that if you have a domain called «local» the entries in it might be spoofed due to how the resolver works? To the extent this is a bug, it's a bug in the resolver that it does not treat names with dots in them as absolute, but relative. I know this is how it's been done in the past, but perhaps changing that to treating names with as absolute would be a better solution. Cheers, -- Tollef Fog Heen UNIX is user friendly, it's just picky about who its friends are -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
