Re: CVS commit: src/etc/rc.d

To: Tonnerre LOMBARD <tonnerre%netbsd.ch@localhost>
Subject: Re: CVS commit: src/etc/rc.d
From: "Perry E. Metzger" <perry%piermont.com@localhost>
Date: Sat, 08 Aug 2009 15:29:34 -0400

Tonnerre LOMBARD <tonnerre%netbsd.ch@localhost> writes:
> On Sat, Aug 08, 2009 at 11:16:16AM -0400, Perry E. Metzger wrote:
>> I suppose I'm not in my right mind, then, and neither are lots of people
>> who care about security in circumstances where no other trustworthy
>> server exists.
>> 
>> (As an aside, one wonders where you think people can always get said
>> "other servers" from -- do you imagine that all servers on the internet
>> permit recursive queries from unknown machines? Of course, often there
>> is an untrustworthy ISP server available, which these days is often
>> happy to provide you with the "service" of redirecting you to
>> advertising pages they manage when you "mistakenly" ask for a
>> non-existent A record.)
>
> Ok, let's talk security then. What do you think your dnssec signature
> generator is going to do if named is started before ntpd?

So don't do that.

Perry
-- 
Perry E. Metzger                perry%piermont.com@localhost

Follow-Ups:
- Re: CVS commit: src/etc/rc.d
  - From: Tonnerre LOMBARD

References:
- Re: CVS commit: src/etc/rc.d
  - From: Joerg Sonnenberger
- Re: CVS commit: src/etc/rc.d
  - From: Perry E. Metzger
- Re: CVS commit: src/etc/rc.d
  - From: Tonnerre LOMBARD
- Re: CVS commit: src/etc/rc.d
  - From: Perry E. Metzger
- Re: CVS commit: src/etc/rc.d
  - From: Tonnerre LOMBARD

Prev by Date: Re: CVS commit: src/etc/rc.d
Next by Date: Re: CVS commit: src/etc/rc.d
Previous by Thread: Re: CVS commit: src/etc/rc.d
Next by Thread: Re: CVS commit: src/etc/rc.d
Indexes:

Home | Main Index | Thread Index | Old Index