Date: Thu, 22 May 2008 15:21:21 -0700 From: Chuck Swiger <cswiger@mac.com> To: Jonathan Chen <jonc@chen.org.nz> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Multiple instances of BIND at startup Message-ID: <76B8A6DC-8CB4-46A4-9588-A6941080A942@mac.com> In-Reply-To: <20080522203932.GA74897@osiris.chen.org.nz> References: <48345138.8080507@ibctech.ca> <4834599A.1090108@infracaninophile.co.uk> <4834A7B4.9030302@ibctech.ca> <20080521232319.GA57359@osiris.chen.org.nz> <4834B7EE.3000002@ibctech.ca> <20080522020619.GA69543@osiris.chen.org.nz> <4834D891.6050707@ibctech.ca> <20080522035913.GA78449@osiris.chen.org.nz> <483503AD.60801@infracaninophile.co.uk> <4835634F.6060107@ibctech.ca> <20080522203932.GA74897@osiris.chen.org.nz>
next in thread | previous in thread | raw e-mail | index | archive | help
On May 22, 2008, at 1:39 PM, Jonathan Chen wrote: [ ... ] > If this were true, the "view" feature would be broken. I've just tried > this with a client-based ACL, and there doesn't appear to any > cache-leaking across views. Any counter-examples would be welcome. Well, BIND is up to 28 published security advisories: http://www.isc.org/sw/bind/bind-security.php#matrix ...which not only have included cache poisoning (2003-0914), but many of them allowed for arbitrary code execution, often as root. -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?76B8A6DC-8CB4-46A4-9588-A6941080A942>