Date: Fri, 12 Nov 1999 16:55:45 +0100 From: Pierre Beyssac <pb@fasterix.freenix.org> To: sthaug@nethelp.no, aj@entic.net Cc: ust@cert.siemens.de, mike@sentex.net, matt@BabCom.ORG, freebsd-security@FreeBSD.ORG, jseger@FreeBSD.ORG Subject: Re: patch for bind8 port (was: BIND NXT Bug Vulnerability) Message-ID: <19991112165545.A18571@fasterix.frmug.org> In-Reply-To: <45563.942403323@verdi.nethelp.no>; from sthaug@nethelp.no on Fri, Nov 12, 1999 at 11:42:03AM %2B0100 References: <Pine.BSF.4.10.9911110751530.25016-100000@shell.entic.net> <45563.942403323@verdi.nethelp.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Nov 12, 1999 at 11:42:03AM +0100, sthaug@nethelp.no wrote:
> - Zones will be *stored on disk* (by named-xfer) with two SOAs, because
> this is the format on the wire.
>
> - Because they are stored on disk with two SOAs, they will be rejected
> by named the next time it tries to read the zones (for instance when it
> is restarted).
Actually, the zone is not completely rejected: the secondaries
fetch an up-to-date copy and serve it, but they disable the AA flag
in the replies. It is much better than not serving the zone at all.
It's currently happening to me on some secondaries for zone eu.org,
but there's no harm done.
--
Pierre Beyssac pb@fasterix.frmug.org pb@fasterix.freenix.org
BSD : il y a moins bien, mais c'est coté en bourse
Free domains: http://www.eu.org/ or mail dns-manager@EU.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991112165545.A18571>