trigger point for new bug
John Wobus
jw354 at cornell.edu
Thu Nov 17 14:49:34 UTC 2011
On Nov 16, 2011, at 4:20 PM, Michael McNally wrote:
> On 11/16/11 9:55 AM, Chris Brookes wrote:
>> Any info on whether the newly announced bug can be triggered before
>> the query ACL is applied on a recursive only server? An authoritative
>> only server ought to be safe?
>
> According to our best current understanding of the issue:
>
> + Authoritative-only nameservers should be safe and only
> recursing servers at risk.
How about authoritative-only views? I.e., if a query reaches
the bind instance but is in a view that does not have caching,
could it crash the instance? (I assume not.)
Also, folks who had problems: did anyone have a crash
by a bind instance that cannot receive queries from the outside
world? I.e. incoming port 53 firewalled by the server or
an external device.
My assumption is that the crashes were typically triggered
by sites's own DNS queries, but it would be nice to
confirm that some site knows their crash happened that way.
John
More information about the bind-users
mailing list