DNS Cache Snooping?
jlightner at water.com
Wed Jun 25 18:34:10 UTC 2008
"suppose RH's 9.4 RPM were to edit your named.conf?"
Funny - I had just spoken to RH support before upgrading from 9.3.3rc to
9.3.4 P1 on that very subject. (They don't, by the way, although they
did recommend backing up everything "just in case".)
The reason I asked to confirm that before I did the yum update was that
back when I first worked on Solaris we had made specialized entries in
st.conf for out Qualtstar tape library. We later applied a Sun patch
bundle and it put in a "default" st.conf but didn't save the one we'd
had. I railed against Sun support saying "Would you put in a
authentication patch that overwrote /etc/passwd and /etc/shadow with
defaults? Would you put in a host lookup patch that put in a default
From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
Behalf Of Paul Vixie
Sent: Wednesday, June 25, 2008 2:14 PM
To: bind-users at isc.org
Subject: Re: DNS Cache Snooping?
Chris Thompson <cet1 at hermes.cam.ac.uk> writes:
> Is this some strange meaning of the phrase "fully backward-compatible"
> of which I was previously unaware?
> Most obviously allow-recursion defaults to "localnets;localhost;" in
> instead of "any;" in 9.3. That's exactly the sort of thing that "could
> break existing configurations", big time.
ok, you got me on that one.
> The change has an entirely rational motivation, and it's pretty well
> documented, but you really can't claim that it isn't an
i expect it will fix more broken configs than it will break working
but your point is valid. suppose RH's 9.4 RPM were to edit your
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
More information about the bind-users