With the recent spate of patch releases of BIND due to security issues, I thought that it was worth putting fingers to keyboard to shed some light on the sources of these problems and what ISC is doing about them.

ISC has a formal process for handling reports of security bugs. If we think the reported issue is serious enough, we will issue a release of the software containing the fix, and a security advisory explaining the problem. Although underlying reasons can be different, many of these advisories report the cause as the issue “triggering an assertion in BIND, after which BIND exits.” So what are assertions, and why do they cause BIND to crash?

When writing BIND 9, the authors were very mindful of security. They considered a security hole that allows a compromise of the machine on which the name server is running (for example, by allowing remote code execution) to be worse than one that causes the program to exit.