
Re: bug #80888: dnrd: Multiple buffer overflows



On Tue, 6 May 2003, Florian Weimer wrote:

> Drew Scott Daniels <umdanie8@cc.UManitoba.CA> writes:
>
> > This bug may be worked around (and therefore downgraded) by having a
> > configuration to warn the user that they must trust the DNS servers
> > (wherever this is configured), and must trust the users.
>
> Are you sure that you only need to trust the DNS servers you contact,
> and not the entire DNS system?  Some resolvers perform incomplete
> syntax checks on DNS packets. 8-(
>
Unfortunately no, I'm not sure. Actually it'd be nice to eliminate the need
for trusting the DNS system. I guess a workaround would require
specifying that trust is needed for the DNS system too, along with your
explanation.

One of the reasons stated for using DNRD was so that users didn't have to
manually switch between /etc/resolv.conf's (or nameserver entries in
there). autodns-dhcp, dnsmasq, laptop-netconf, guessnet, a DNS server
(bind, bind9, djbdns-installer, maradns, mydns, pdns, nsd...), or a dhcp
client may be replacements, but do they replace all the desired
functionality? pdnsd seems to be a better package that provides all the
same features and more, but I haven't looked too deep into either. There
may be no (significant) reason to keep dnrd in the Debian archive.

Note: Messages to dnrd@egroups.com and Brad Garcia <garsh@home.com> are
not going through. To post a message on the dnrd mailing list one needs to
be subscribed, and I'm getting "550 5.1.2 <garsh@home.com>... Host unknown
(Name server: home.com: no data known)".

     Drew Daniels


