Re: _DNS_ security problems

• To: smb@research.att.com, strombrg@hydra.acs.uci.edu
• Subject: Re: _DNS_ security problems
• From: Rich Salz <rsalz@osf.org>
• Date: Sun, 3 Mar 1996 17:41:49 -0500
• Cc: ekr@terisa.com, rsalz@osf.org, www-security@ns2.rutgers.edu

>API's should do reasonable things with illegal inputs

Perhaps, but taken to some extreme this goes against the spirit of C.
What should the following do?
	fclose(NULL)l
	strcpy(NULL, "abc");
	sprintf(buff, "%s");

>syslog(), being an API, should do reasonable things with unreasonable
>inputs.

Sendmail, being a program that takes arbitrary input from the network,
should not ship it around to other API's blndly.

>The resolver routines, being an API, should do reasonable things with
>unreasonable inputs.

To the extent that the underlying DNS allows this, yes.  Doing forward
checks after gethostbyaddr is *not* the job of the of the API.  If
you think otherwise then you need to go learn more about DNS and what
security/integrity guarantees it does, and does not, provide.

> but to call it anything but a pitfall is clearly specious.

At least for the DNS case (gethostbyaddr/gethostbyname), you do not know
what you are talking about.  Sorry to be blunt, and perhaps rude, but
it's true.

I think this is my last word on this subject. :)
	/r$

• Re: _DNS_ security problems
• From: Dan Stromberg <strombrg@hydra.acs.uci.edu>

• Previous: Re: _DNS_ security problems
• Next: Re: _DNS_ security problems
• Index(es):
  • Index
  • Thread