[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: NetBSD Security Advisory 2011-005: ISC dhclient hostname field shell metacharacter injection
On Thu, Apr 28, 2011 at 12:03:54PM +0700, Robert Elz wrote:
> | Someone needs to tell ISC then - BIND has been, by default, rejecting
> | names with _ in them for years.
> I know, and they know, and they ignore it... I used to remove that
> code from bind, these days I just configure it away.
Years and years ago when Sprint had slashes in the hostnames of a
bunch of their routers, it caused a (minor) stir and they were
compelled to change. But maybe what was prohibited then is no longer
prohibited now; once upon a time domains weren't supposed to begin
with digits, either. www.mmm.com still leads to www.3m.com...
David A. Holland
Main Index |
Thread Index |