Date:      Fri, 14 Feb 1997 09:37:31 +1100 (EST)
From:      Julian Assange <proff@iq.org>
To:        imp@village.org (Warner Losh)
Cc:        security@freebsd.org
Subject:   trusting dns addresses
Message-ID:  <199702132237.JAA00545@profane.iq.org>
In-Reply-To: <330334BD.41C67EA6@village.org> from Warner Losh at "Feb 13, 97 08:35:25 am"

> If you can't trust your resolver, then you are likely going to have a
> lot of problems all over the system.

Not if you have applied all of my patches.

> This attack requires there to be a bug in the resolver in order to even
> have a chance of succeeding.  If that were the case, better to fix the
> resolver than to fix all places in the source tree where it returns
> data.

I strongly disagree with this view. The problem should be fixed in
both places. Trusting a protocol-independent resolver to always
return 4 byte addresses is nothing but bad programming. In fact, at
the moment, despite the additional length checks, it can return 16 byte
IPv6 addresses. No doubt as other protocols are added in the future
we will see other lengths.

I don't trust the resolver code, and I don't trust that even if it
is trust-worthy now (which it isn't due to IPv6 addresses), that it
will be trust-worthy tomorrow. Further, the whole idea of having a
BSD-style copyright on the sources is to encourage spread of the
source code to other areas. This spread may well occur without
the latest allegedly trust-worthy resolver library.

It's bad. It's shoddy. It is a security hole now and likely one into
the future and across domains. It breaks encapsulation. It needs
to be addressed.

--
Prof. Julian Assange  |If you want to build a ship, don't drum up people
		      |together to collect wood and don't assign them tasks
proff@iq.org          |and work, but rather teach them to long for the endless
proff@gnu.ai.mit.edu  |immensity of the sea. -- Antoine de Saint Exupery
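
The caller-side check argued for in the message above, as an added example (not code from the original e-mail or from the patches it mentions): the caller validates the address family and length of a resolver result before copying it into a fixed 4-byte field, instead of trusting the resolver-supplied length. It assumes the standard `struct hostent` interface; the function names and the constructed resolver results are hypothetical.

```c
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Copy the first address of a resolver result into sin.
 * Returns 0 on success, -1 unless the entry is a 4-byte AF_INET address.
 * The copy size is the destination's size, never hp->h_length. */
int hostent_to_sin(const struct hostent *hp, struct sockaddr_in *sin)
{
    if (hp == NULL || hp->h_addr_list == NULL || hp->h_addr_list[0] == NULL)
        return -1;
    if (hp->h_addrtype != AF_INET)                   /* e.g. AF_INET6 */
        return -1;
    if (hp->h_length != (int)sizeof(sin->sin_addr))  /* must be exactly 4 */
        return -1;
    memset(sin, 0, sizeof(*sin));
    sin->sin_family = AF_INET;
    memcpy(&sin->sin_addr, hp->h_addr_list[0], sizeof(sin->sin_addr));
    return 0;
}

/* Constructed resolver result (no DNS lookup is made): the family and
 * length are chosen by the caller to model a resolver that returns
 * something other than a 4-byte IPv4 address.
 * Returns -1 if rejected, 0 if accepted and copied correctly, 1 otherwise. */
int try_constructed(int af, int len)
{
    static unsigned char raw[16] = { 192, 0, 2, 1 };  /* sample bytes */
    char *list[2] = { (char *)raw, NULL };
    struct hostent he;
    struct sockaddr_in sin;

    memset(&he, 0, sizeof(he));
    he.h_addrtype = af;
    he.h_length = len;
    he.h_addr_list = list;
    if (hostent_to_sin(&he, &sin) != 0)
        return -1;
    return memcmp(&sin.sin_addr, raw, sizeof(sin.sin_addr)) == 0 ? 0 : 1;
}

int main(void)
{
    printf("AF_INET,  len 4:  %d\n", try_constructed(AF_INET, 4));
    printf("AF_INET6, len 16: %d\n", try_constructed(AF_INET6, 16));
    printf("AF_INET,  len 16: %d\n", try_constructed(AF_INET, 16));
    return 0;
}
```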


