From owner-freebsd-chat Fri Mar 29 4:48:28 2002 Delivered-To: freebsd-chat@freebsd.org Received: from ucan.foad.org (ucan.foad.org [64.173.36.245]) by hub.freebsd.org (Postfix) with ESMTP id 907BC37B41A for ; Fri, 29 Mar 2002 04:48:25 -0800 (PST) Received: (from pde@localhost) by ucan.foad.org (foad/FOAD2.0) id g2TCmOg07245 for chat@freebsd.org; Fri, 29 Mar 2002 04:48:24 -0800 (PST) Date: Fri, 29 Mar 2002 04:48:24 -0800 From: Pete Ehlke To: chat@freebsd.org Subject: Re: qmail (Was: Maintaining Access Control Lists ) Message-ID: <20020329044824.B12348@ehlke.net> References: <20020328203704.GA760@lpt.ens.fr> <20020329081349.GA1737@lpt.ens.fr> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020329081349.GA1737@lpt.ens.fr>; from rsidd@online.fr on Fri, Mar 29, 2002 at 09:13:49AM +0100 Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Mar 29, 2002 at 09:13:49AM +0100, Rahul Siddharthan wrote: > > agree with him that if you accuse him, on a public mailing list, of > ignoring bug reports/security holes, you should say what they are. OK, here's one. Dan's authoritative server, tinydns, is designed to only respond to iterative queries. It is, by design, incapable of providing recursion. It also, by design, does not serve hesiod or chaos class records. I identified a bug in tinydns related to how it responds to hesiod and chaos queries. tinydns and dnscache (dan's recursive server) share the code path that initializes query responses. The code initializes every response with the RA and RD bits set, and tinydns resets those bits. However, it resets them *after* validating the query class. The end result is that tinydns incorrectly sets the RD and RA bits on non-recursive queries in the hesiod and chaos classes. Dan's response to this bug is that tinydns is only designed to serve internet class records, and thus querying it for other classes is user error. This was a simple bug, easily fixed. It doesn't break anything, but the error is clear, and fixing it would involve nothing more than admitting that he had made a coding error. But Dan can't do that. He'd rather insist that he *intends* to return bogus information than fix a trifling little bug. Note for QA folks: when the developer says "That's not a bug, you're using it wrong", you are dealing with the worst sort of arrogant prima donna. -Pete -- "religious fanatics are not part of my desired user base." - djb@cr.yp.to To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message