[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#509063: ITP: libproxy -- automatic proxy configuration management library

Florian Weimer <fw@deneb.enyo.de> writes:
> * Emilio Pozuelo Monfort:
>>   Description     : automatic proxy configuration management library
>>  libproxy is a lightweight library which makes it easy to develop
>>  applications proxy-aware with a simple and stable API.
> WPAD is a broken protocol with security issues inherent to the DNS
> devolution mechanism (which is also performed by libproxy). 

Agreed.  Still, it is implemented and used by a number of web proxy
using applications.

> Please don't add implementations to the Debian archive.

Isn't the intention to replace existing and future implementations with
this library, thereby confining security issues to a single library?
How many WPAD implementations are there currently in the archive?  Won't
adding this library be an improvement in the long run?

I would very much like this library to become the *only* WPAD
implementation anywhere.  Hopefully eventually with some ability to
define local policies, where the default Debian policy could be very
strict.  E.g. "Never trust DNS for WPAD", or "Never use WPAD at all".

How can you say that trees are bad

Reply to: