Re: CVS commit: cryptosrc-us

To: Bill Sommerfeld <sommerfeld%orchard.arlington.ma.us@localhost>
Subject: Re: CVS commit: cryptosrc-us
From: joda%pdc.kth.se@localhost (Johan Danielsson)
Date: 28 Jan 2000 16:58:30 +0100

Bill Sommerfeld <sommerfeld%orchard.arlington.ma.us@localhost> writes:

> This change introduces a potential security vulnerability (due to
> DNS spoofing) and should be backed out until we include a secure
> resolver.

I don't know what this change is about, but my guess is that it's
`just' another DOS attack you're talking about. With cross-realm stuff
in k5 it could get worse, but you can argue that you're screwed anyway
if that happens.

/Johan

References:
- Re: CVS commit: cryptosrc-us
  - From: Bill Sommerfeld

Prev by Date: CVS commit: syssrc
Next by Date: CVS commit: syssrc
Previous by Thread: Re: CVS commit: cryptosrc-us
Next by Thread: CVS commit: sharesrc
Indexes:

Home | Main Index | Thread Index | Old Index